CSA CCM UEM-14

This control provides for the implementation of best practices for third-party endpoint management. Several cloud service providers support content trust models that require container images be signed by trusted sources. Malicious images can be prevented from running by implementing application control, script blocking, and other runtime execution prevention mechanisms from untrusted sources .

This control provides for the implementation of best practices for third-party endpoint management. Malicious executables can be prevented from running by implementing application control, script blocking, and other execution prevention mechanisms.

This control provides for the implementation of best practices for third-party endpoint management. Malicious modification or disabling of security tools can be mitigated by implementing application control, script blocking, and other execution prevention mechanisms.

This control provides for the implementation of best practices for third-party endpoint management. The execution of unauthorized or malicious code on systems through abuse of command and script interpreters can be prevented by implementing application control, script blocking, and other execution prevention mechanisms.

This control provides for the implementation of best practices for third-party endpoint management. The execution of unauthorized or malicious code on systems through abuse of command and script interpreters can be prevented by implementing application control, script blocking, and other execution prevention mechanisms.

This control provides for the implementation of best practices for third-party endpoint management. Endpoint exploit protection capabilities can be used to detect, block, and mitigate conditions indicative of exploits to taint content in shared storage locations.

This control provides for the implementation of best practices for third-party endpoint management. Endpoint exploit protection capabilities can be used to detect, block, and mitigate conditions indicative of exploits to bypass security features.

This control provides for the implementation of best practices for third-party endpoint management. Endpoint exploit protection capabilities can be used to detect, block, and mitigate conditions indicative of exploits of public-facing applications.

This control provides for the implementation of best practices for third-party endpoint management. Proper security configurations, limited system access, and application control can help mitigate the risk of adversaries deleting or removing built-in data and turning off services designed to aid in the recovery of a corrupted system.

This control provides for the implementation of best practices for third-party endpoint management. Proper security configurations and limited system access can help prevent adversaries from creating accounts to maintain access.

This control provides for the implementation of best practices for third-party endpoint management. Proper security configurations and limited system access can help prevent adversaries from manipulating accounts to maintain and/or elevate access.

This control provides for the implementation of best practices for third-party endpoint management. Adjusting access to user lists can prevent abuse of system functionality and help prevent adversaries from getting a listing of valid accounts or usernames.

This control provides for the implementation of best practices for third-party endpoint management. Adjusting system settings and hardening default configurations can mitigate adversary exploitation of elevation control mechanisms and prevent abuse of system functionality.

This control provides for the implementation of best practices for third-party endpoint management. Configuring applications to delete persistent web cookies to help mitigate the risk of adversaries using stolen session cookies.

This control provides for the implementation of best practices for third-party endpoint management. Cloud service providers may allow customers to deactivate unused regions to help mitigate the risk of adversaries creating resources in unused regions.

This control provides for the implementation of best practices for third-party endpoint management. Configuring appropriate data sharing restrictions in cloud services can help mitigate the risk of adversaries exfiltrating data by transferring.

This control provides for the implementation of best practices for third-party endpoint management. Securing resource groups and limiting permissions can help mitigate the risk of adversaries adding, deleting, or otherwise modifying hierarchical structures.

This control provides for the implementation of best practices for third-party endpoint management. Preventing insecure connections and ensuring proper permissions can help mitigate the risk of adversaries hindering or disabling preventative defenses.

This control provides for the implementation of best practices for third-party endpoint management. Configuring applications to delete persistent web credentials and limiting privileges can help mitigate the risk of adversaries generating and using forged web cookies.

This control provides for the implementation of best practices for third-party endpoint management. Effectively securing information repositories and enforcing robust data retention policies can mitigate the risk of adversaries exploiting information repositories to access sensitive or valuable information.

This control provides for the implementation of best practices for third-party endpoint management. Configuring applications to delete persistent web credentials and limiting privileges can help mitigate the risk of adversaries generating and using forged web credentials.

This control provides for the implementation of best practices for third-party endpoint management. Effectively securing information repositories and enforcing robust data retention policies can mitigate the risk of adversaries exploiting information repositories to access sensitive or valuable information.