SI-7 Software, Firmware, and Information Integrity

nolunwa-ucsc commented 1 year ago

https://csf.tools/reference/nist-sp-800-53/r5/si/si-7/

a. Employ integrity verification tools to detect unauthorized changes to the following software, firmware, and information.

The Team needs to define software, firmware, and information that are subject to integrity verification. This may include operating systems, critical applications such as servers, configuration files, and databases and
defines software requiring integrity verification tools to be employed to detect unauthorized changes

b. Take the following actions when unauthorized changes to the software, firmware, and information are detected: [Assignment: organization-defined actions].

Isolate Affected Systems, Investigate the Incident, Contain the Incident, Alert the Incident Response Team, Document, Remediation, Notification any affected user, Restore Systems, Review and Lessons Learned

hannes-ucsc commented 1 year ago

We assign during triage.

dsotirho-ucsc commented 1 year ago

Assignee to describe what we are currently doing, what measures are partially implemented to address this control.

hannes-ucsc commented 8 months ago

Spike is done: https://docs.google.com/document/d/1Kg0dMZmCw6gtkvabD2jYWPZO2Mx_wsC8BJPKdeKTfg0/edit#heading=h.oxoql2ubo0wn

nolunwa-ucsc commented 7 months ago

SSP updated

DataBiosphere / azul

SI-7 Software, Firmware, and Information Integrity #5653