2.2: Ensure Software is Supported by Vendor
CSF v1.1 References:
Next Version:
- Critical Security Controls Version 8:
- 2.2: Ensure Authorized Software is Currently Supported
Control Statement
Ensure that only software applications or operating systems currently supported and receiving vendor updates are added to the organization’s authorized software inventory. Unsupported software should be tagged as unsupported in the inventory system.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]