Skip to main content

πŸ’Ό PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity

  • Contextual name: πŸ’Ό PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity
  • ID: /frameworks/nist-csf-v1.1/pr-ds/06
  • Located in: πŸ’Ό Data Security (PR.DS)

Description​

Empty...

Similar​

  • Sections
    • /frameworks/iso-iec-27001-2013/12/02/01
    • /frameworks/iso-iec-27001-2013/12/05/01
    • /frameworks/iso-iec-27001-2013/14/01/02
    • /frameworks/iso-iec-27001-2013/14/01/03
    • /frameworks/iso-iec-27001-2013/14/02/04
    • /frameworks/nist-sp-800-53-r4/sc/16
    • /frameworks/nist-sp-800-53-r4/si/07
  • Internal
    • ID: dec-c-13df4f79

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.12.2.1 Controls against malware77
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.12.5.1 Installation of software on operational systems44
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.14.1.2 Securing application services on public networks44
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.14.1.3 Protecting application services transactions78
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.14.2.4 Restrictions on changes to software packages
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SC-16 TRANSMISSION OF SECURITY ATTRIBUTES1
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SI-7 SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY16

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events89
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected82

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (19)​

PolicyLogic CountFlags
πŸ“ AWS RDS Instance Auto Minor Version Upgrade is not enabled 🟠🟒1🟠 x1, 🟒 x6
πŸ“ AWS S3 Bucket Policy is not set to deny HTTP requests 🟒1🟒 x6
πŸ“ Azure App Service does not run the latest Java version 🟒🟒 x3
πŸ“ Azure App Service does not run the latest PHP version 🟒🟒 x3
πŸ“ Azure App Service does not run the latest Python version 🟒🟒 x3
πŸ“ Azure App Service FTP deployments are not disabled 🟒1🟒 x6
πŸ“ Azure App Service HTTPS Only configuration is not enabled 🟒1🟒 x6
πŸ“ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled 🟒1🟒 x6
πŸ“ Azure Storage Account Secure Transfer Required is not enabled 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For App Services is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Containers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Key Vault is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Servers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Storage is not set to On 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-1a2f62791
βœ‰οΈ dec-x-6ed261671
βœ‰οΈ dec-x-9f7d853f1
βœ‰οΈ dec-x-14f5fc251
βœ‰οΈ dec-x-52ac4ac01
βœ‰οΈ dec-x-75db76ad1
βœ‰οΈ dec-x-879aa9961
βœ‰οΈ dec-x-8535d1ff1
βœ‰οΈ dec-x-215302da1
βœ‰οΈ dec-x-995424b72
βœ‰οΈ dec-x-a00b4ec91
βœ‰οΈ dec-x-a20e54a01
βœ‰οΈ dec-x-a04719771
βœ‰οΈ dec-x-c0a7793e1
βœ‰οΈ dec-x-d5fbfc401
βœ‰οΈ dec-x-d95ea48b1
βœ‰οΈ dec-x-f82b98491
βœ‰οΈ dec-x-fafadacd1