The organization's application whitelisting software must ensure that only authorized, digitally signed scripts (such as .ps1, .py, macros, etc.) are allowed to run on a system.
Measures
M1 = # of scripts allowed in whitelisitng tool
M4 = # of assets under consideration
Enumerate all instances of whitelisting software from the software inventory
For each instance of whitelisting software, examine its configuration to ensure that it is configured to allow execution of authorized and signed scripts, noting appropriately and inappropriately configured whitelisting software
Measures:
M1 = List of all instances of whitelisting software found in the software inventory
M2 = List of appropriately configured whitelisting software instances
M3 = List of inappropriately configured whitelisting software instances
M4 = |M1|
M5 = |M2|
M6 = |M3|
Metrics:
M5 / M4 = Ratio of appropriately configured whitelisting software instances to the total number of whitelisting software instances in the enterprise
The organization's application whitelisting software must ensure that only authorized, digitally signed scripts (such as .ps1, .py, macros, etc.) are allowed to run on a system.
Measures
Metrics