
SI-3(10) Malicious Code Protection

Operational

Control Description

MALICIOUS CODE PROTECTION | MALICIOUS CODE ANALYSIS

(a) The organization employs organization-defined tools and techniques to analyze the characteristics and behaviour of malicious code; and

(b) The organization incorporates the results from malicious code analysis into organizational incident response and flaw remediation processes.

Supplemental Guidance

The application of selected malicious code analysis tools and techniques provides organizations with a more in-depth understanding of adversary tradecraft (i.e., tactics, techniques, and procedures) and the functionality and purpose of specific instances of malicious code. Understanding the characteristics of malicious code facilitates more effective organizational responses to current and future threats. Organizations can conduct malicious code analyses by using reverse engineering techniques or by monitoring the behaviour of executing code.
