CM-10: Software Usage Restrictions

From NIST's SP800-53:

a. Use software and associated documentation in accordance with contract agreements and copyright laws; b. Track the use of software and associated documentation protected by quantity licenses to control copying and distribution; and c. Control and document the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Control ID	Description
DE.CM-3	Personnel activity is monitored to detect potential cybersecurity events

Showing 1 to 1 of 1 entries

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

Search:

ATT&CK ID	Title	Associated Tactics
T1559.002	Dynamic Data Exchange	Execution
T1562.009	Safe Mode Boot	Defense Evasion
T1550.001	Application Access Token	Defense Evasion, Lateral Movement
T1553	Subvert Trust Controls	Defense Evasion
T1546.008	Accessibility Features	Persistence, Privilege Escalation
T1546.013	PowerShell Profile	Persistence, Privilege Escalation
T1559	Inter-Process Communication	Execution
T1562.006	Indicator Blocking	Defense Evasion
T1553.004	Install Root Certificate	Defense Evasion

Showing 1 to 9 of 9 entries