2.7: Allowlist Authorized Scripts

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:


Control Statement

Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files, are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]