16.5: Use Up-to-Date and Trusted Third-Party Software Components
CSF v1.1 References:
PF v1.0 References:
Previous Version:
- Critical Security Controls Version 7.1:
- 18.4: Only Use Up-to-Date and Trusted Third-Party Components
Control Statement
Use up-to-date and trusted third-party software components. When possible, choose established and proven frameworks and libraries that provide adequate security. Acquire these components from trusted sources or evaluate the software for vulnerabilities before use.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]