DE.CM-5: Unauthorized mobile code is detected
Description
[csf.tools Note: Subcategories do not have detailed descriptions.]
Related Controls
NIST Special Publication 800-53 Revision 5
SC-18: Mobile Code
Define acceptable and unacceptable mobile code and mobile code technologies; and Authorize, monitor, and control the use of mobile code within the system.
SC-44: Detonation Chambers
Employ a detonation chamber capability within [Assignment: organization-defined system, system component, or location].
SI-4: System Monitoring
1. Strategically within the system to collect organization-determined essential information; and 2. At ad hoc locations within the system to track specific types of transactions of interest to the organization; Monitor the system to detect: Attacks and indicators of potential attacks in accordance with the following monitoring objectives: [Assignment: organization-defined monitoring objectives]; and Unauthorized local,…
NIST Special Publication 800-171 Revision 2
3.13.13: Control and monitor the use of mobile code
Mobile code technologies include Java, JavaScript, ActiveX, Postscript, PDF, Flash animations, and VBScript. Decisions regarding the use of mobile code in organizational systems are based on the potential for the code to cause damage to the systems if used maliciously. Usage restrictions and implementation guidance apply to the selection and use of mobile code installed…
Cloud Controls Matrix v3.0.1
CCC-04: Unauthorized Software Installations
Policies and procedures shall be established, and supporting business processes and technical measures implemented, to restrict the installation of unauthorized software on organizationally-owned or managed user end-point devices (e.g., issued workstations, laptops, and mobile devices) and IT infrastructure network and systems components.
MOS-03: Approved Applications
The company shall have a documented policy prohibiting the installation of non-approved applications or approved applications not obtained through a pre-identified application store.
TVM-03: Mobile Code
Policies and procedures shall be established, and supporting business processes and technical measures implemented, to prevent the execution of unauthorized mobile code, defined as software transferred between systems over a trusted or untrusted network and executed on a local system without explicit installation or execution by the recipient, on organizationally-owned or managed user end-point devices…
NIST Special Publication 800-53 Revision 4
SC-18: Mobile Code
The organization: Defines acceptable and unacceptable mobile code and mobile code technologies; Establishes usage restrictions and implementation guidance for acceptable mobile code and mobile code technologies; and Authorizes, monitors, and controls the use of mobile code within the information system.
SC-44: Detonation Chambers
The organization employs a detonation chamber capability within [Assignment: organization-defined information system, system component, or location].
SI-4: Information System Monitoring
The organization: Monitors the information system to detect: Attacks and indicators of potential attacks in accordance with [Assignment: organization-defined monitoring objectives]; and Unauthorized local, network, and remote connections; Identifies unauthorized use of the information system through [Assignment: organization-defined techniques and methods]; Deploys monitoring devices: Strategically within the information system to collect organization-determined essential information; and…