SI-7(13): Code Execution In Protected Environments

CSF v1.1 References:


(Not part of any baseline)

Warning icon.

Control is withdrawn in the next version of this control set and incorporated into: CM-7(7): Code Execution in Protected Environments.

Control Statement

The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles].

Supplemental Guidance

This control enhancement applies to all sources of binary or machine-executable code including, for example, commercial software/firmware and open source software.