PR.PS-05.253

Has your organization implemented software execution controls to restrict execution to permitted applications and/or block unauthorized software?

Explanation

Software execution controls help prevent malicious or unauthorized programs from running in your environment, reducing the risk of malware infections and data breaches. These controls can include application allowlisting (permitting only approved software), application blocklisting (denying specific prohibited software), or a combination of both approaches based on your risk assessment. Evidence of implementation could include documentation of your application control policy, screenshots of configured application control solutions (like Microsoft AppLocker, Windows Defender Application Control, or endpoint protection platforms), and logs showing blocked execution attempts of unauthorized software.

Implementation Example

When risk warrants it, restrict software execution to permitted products only or deny the execution of prohibited and unauthorized software

ID: PR.PS-05.253

Context

Function: PR: PROTECT
Category: PR.PS: Platform Security
Sub-Category: Installation and execution of unauthorized software are prevented

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub