SI-3 (10)

System and Information IntegrityRev 5organization

Malicious Code Protection

Control Statement

(a) Employ the following tools and techniques to analyze the characteristics and behavior of malicious code: [Assignment: tools and techniques] ; and (b) Incorporate the results from malicious code analysis into organizational incident response and flaw remediation processes.

Supplemental Guidance

The use of malicious code analysis tools provides organizations with a more in-depth understanding of adversary tradecraft (i.e., tactics, techniques, and procedures) and the functionality and purpose of specific instances of malicious code. Understanding the characteristics of malicious code facilitates effective organizational responses to current and future threats. Organizations can conduct malicious code analyses by employing reverse engineering techniques or by monitoring the behavior of executing code.

CCI Identifiers (6)

CCI-002634Defines the tools to be employed to analyze the characteristics and behavior of malicious code.CCI-002638Employ organization-defined techniques to analyze the characteristics and behavior of malicious code.CCI-002635Defines the techniques to be employed to analyze the characteristics and behavior of malicious code.CCI-002636Employ organization-defined tools to analyze the characteristics and behavior of malicious code.CCI-002639Incorporate the results from malicious code analysis into organizational incident response processes.CCI-002640Incorporate the results from malicious code analysis into organizational flaw remediation processes.

Linked STIG Checks (1)

Across 1 STIGs. Click to expand.

SI-3 (10)

Malicious Code Protection

Control Statement

Supplemental Guidance

CCI Identifiers (6)

Assessment Methods

Linked STIG Checks (1)