Segment the organization network
Summary
The organization network must be segmented.
Description
empty
Supported In
This requirement is verified in the following services:
| Plan | Supported |
|---|---|
| Machine | 🔴 |
| Squad | 🟢 |
References
- CIS-9_2. Use DNS filtering services
- CIS-3_12. Segment data processing and storage based on sensitivity
- CWE™-923. Improper restriction of communication channel to intended endpoints
- OWASP TOP 10-A5. Security misconfiguration
- OWASP TOP 10-A10. Server-side request forgery
- MITRE ATT&CK®-M1030. Network segmentation
- CMMC-SC_L1-3_13_5. Public-access system separation
- HITRUST CSF-01_m. Segregation in networks
- HITRUST CSF-09_m. Network controls
- ISO/IEC 27002-8_8. Management of technical vulnerabilities
- ISO/IEC 27002-8_23. Segregation in networks
- ISA/IEC 62443-RDF-5_1. Network segmentation
- NIST SSDF-PO_5_1. Implement and maintain secure environments for software development
- C2M2-9_2_b. Implement network protections for cybersecurity architecture
- PCI DSS-1_3_1. Inbound traffic to the cardholder data environment is restricted
- PCI DSS-1_3_2. Outbound traffic to the cardholder data environment is restricted
- SIG Lite-SL_88. Is development, test, and staging environment separate from the production environment?
- SIG Core-D_9_2. Asset and information management
- SIG Core-N_1_7. Network security
- CAPEC™-700. Network Boundary Bridging
- ISO/IEC 27001-8_8. Management of technical vulnerabilities
- ISO/IEC 27001-8_23. Segregation in networks
- Resolution SB 2021 2126-Art_26_11_l. Information Security
Vulnerabilities