800-53|SI-3(10)

Title

MALICIOUS CODE ANALYSIS

Description

The organization:

Supplemental

The application of selected malicious code analysis tools and techniques provides organizations with a more in-depth understanding of adversary tradecraft (i.e., tactics, techniques, and procedures) and the functionality and purpose of specific instances of malicious code. Understanding the characteristics of malicious code facilitates more effective organizational responses to current and future threats. Organizations can conduct malicious code analyses by using reverse engineering techniques or by monitoring the behavior of executing code.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: MALICIOUS CODE PROTECTION

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| 8.4.2 Control VMsafe Agent Address | VMware | CIS VMware ESXi 5.1 v1.0.1 Level 1 |
| 8.4.2 Control VMsafe Agent Address | VMware | CIS VMware ESXi 5.5 v1.2.0 Level 1 |
| 8.4.3 Control VMsafe Agent Port | VMware | CIS VMware ESXi 5.1 v1.0.1 Level 1 |
| 8.4.3 Control VMsafe Agent Port | VMware | CIS VMware ESXi 5.5 v1.2.0 Level 1 |
| 8.4.4 Control VMsafe Agent Configuration | VMware | CIS VMware ESXi 5.1 v1.0.1 Level 1 |
| 8.4.4 Control VMsafe Agent Configuration | VMware | CIS VMware ESXi 5.5 v1.2.0 Level 1 |
| CNTR-K8-002720 - Kubernetes must contain the latest updates as authorized by IAVMs, CTOs, DTMs, and STIGs. | Unix | DISA STIG Kubernetes v1r11 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v20H2 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 1903 DC v1.19.9 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v1909 MS v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 2019 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v20H2 MS v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 2016 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 v2004 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 1903 v1.19.9 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 v21H2 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 v22H2 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 v21H1 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 1903 MS v1.19.9 |
| Send file samples when further analysis is required | Windows | MSCT Windows 11 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v1909 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT MSCT Windows Server 2022 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 2016 MS v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 2022 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v2004 DC v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server v2004 MS v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows Server 2019 MS v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 1809 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 1909 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 10 v20H2 v1.0.0 |
| Send file samples when further analysis is required | Windows | MSCT Windows 11 v22H2 v1.0.0 |
| Send file samples when further analysis is required - SubmitSamplesConsent | Windows | MSCT Windows 10 1803 v1.0.0 |
| VM : verify-vmsafe-cpumem-agentaddress | VMware | VMWare vSphere 5.X Hardening Guide |
| VM : verify-vmsafe-cpumem-agentport | VMware | VMWare vSphere 5.X Hardening Guide |
| VM : verify-vmsafe-cpumem-enable | VMware | VMWare vSphere 5.X Hardening Guide |