Topic

Application control

Applicable to

all

History

Priority

must

Mar 2023

When implementing application control using path rules, only approved users can modify approved files and write to approved folders.

An existing control relating to application control where ‘only approved users can write to and modify content within approved folders and files’ was amended to ‘only approved users can modify approved files and write to approved folders’.

Mar 2022

When implementing application control using path rules, only approved users can write to and modify content within approved folders and files.

Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.

Apr 2020

When implementing application control using path rules, file system permissions are configured to prevent unauthorised modification of folder and file permissions, folder contents (including adding new files) and individual files that are approved to execute.

Security controls 0843, 1490, 0955, 1471, 1392, 1544, 0846 and 0957 were modified to replace ‘application whitelisting’ with ‘application control’.

Mar 2020

When implementing application whitelisting using path rules, file system permissions are configured to prevent unauthorised modification of folder and file permissions, folder contents (including adding new files) and individual files that are approved to execute.

2015

When implementing application whitelisting using absolute path rules, file system permissionsmust be configured to prevent users and system administrators from modifying files that arepermitted to run.