Details
Auto Update verifies that your system has the newest security patches and software updates. If ‘Automatically check for updates’ is not selected background updates for new malware definition files from Apple for XProtect and Gatekeeper will not occur.
http://macops.ca/os-x-admins-your-clients-are-not-getting-background-security-updates/
https://derflounder.wordpress.com/2014/12/17/forcing-xprotect-blacklist-updates-on-mavericks-and-yosemite/
Rationale:
It is important that a system has the newest updates applied so as to prevent unauthorized persons from exploiting identified vulnerabilities.
Impact:
Without automatic update, updates may not be made in a timely manner and the system will be exposed to additional risk.
Solution
Perform the following to implement the prescribed state:
Open a terminal session and enter the following command to enable the auto update feature:
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled -int 1
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.