2.7: Allowlist Authorized Scripts
Incorporates the following controls from the previous version: 2.9: Implement Application Whitelisting of Scripts, 4.7: Limit Access to Script Tools, 7.3: Limit Use of Scripting Languages in Web Browsers and Email Clients.
Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files, are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]