CIS Control 8This is a foundational Control
Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.
Why is this CIS Control critical?
Malicious software is an integral and dangerous aspect of internet threats, as it is designed to attack your systems, devices, and your data. It is fast-moving, fast-changing, and enter through any number of points like end-user devices, email attachments, web pages, cloud services, user actions, and removable media. Modern malware is designed to avoid defenses, and attack or disable them.
Malware defenses must be able to operate in this dynamic environment through large-scale automation, rapid updating, and integration with processes like incident response. They must also be deployed at multiple possible points of attack to detect, stop the movement of, or control the execution of malicious software. Enterprise endpoint security suites provide administrative features to verify that all defenses are active and current on every managed system.
- Utilize centrally managed anti-malware software to continuously monitor and defend each of the organization's workstations and servers.
- Enable anti-exploitation features such as Data Execution Prevention (DEP) or Address Space Layout Randomization (ASLR) that are available in an operating system or deploy appropriate toolkits that can be configured to apply protection to a broader set of applications and executables.
Want to implement this foundational Control?
Information Hub : CIS Controls
Media mention • 29 Oct 2020
Media mention • 28 Oct 2020
Blog post • 26 Oct 2020
White paper • 26 Oct 2020