16.5: Use Up-to-Date and Trusted Third-Party Software Components

CSF v1.1 References:

PF v1.0 References:


Previous Version:

Control Statement

Use up-to-date and trusted third-party software components. When possible, choose established and proven frameworks and libraries that provide adequate security. Acquire these components from trusted sources or evaluate the software for vulnerabilities before use.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]