SI-4(22): Unauthorized Network Services
CSF v1.1 References:
(Not part of any baseline)
- NIST Special Publication 800-53 Revision 5:
- SI-4(22): Unauthorized Network Services
The information system detects network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes] and [Selection (one or more): audits; alerts [Assignment: organization-defined personnel or roles]].
Unauthorized or unapproved network services include, for example, services in service-oriented architectures that lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services.