Detections
Analytics

800-53|SA-10(1)

Title

SOFTWARE / FIRMWARE INTEGRITY VERIFICATION

Description

The organization requires the developer of the information system, system component, or information system service to enable integrity verification of software and firmware components.

Supplemental

This control enhancement allows organizations to detect unauthorized changes to software and firmware components through the use of tools, techniques, and/or mechanisms provided by developers. Integrity checking mechanisms can also address counterfeiting of software and firmware components. Organizations verify the integrity of software and firmware components, for example, through secure one-way hashes provided by developers. Delivered software and firmware components also include any updates to such components.

Reference Item Details

Related: SI-7

Category: SYSTEM AND SERVICES ACQUISITION

Parent Title: DEVELOPER CONFIGURATION MANAGEMENT

Family: SYSTEM AND SERVICES ACQUISITION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.6.6.6.2.9 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG Solaris 10 SPARC v2r4
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG for Oracle Linux 5 v2r1
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG Solaris 10 X86 v2r4
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG AIX 6.1 v1r14
GEN006565 - The system package management tool must be used to verify system software periodically.UnixDISA STIG AIX 5.3 v1r2