⚜️
DFS CheckList
  • What is DFS Checklist?
  • Scope
    • What is a scope?
    • How to define a scope for DeFi app?
  • Checklist
    • Scope is defined
      • Scope is described
      • Personnel is listed
    • Network security
      • Network rules defined and saved
      • Network rules implemented
    • Third party software security
      • Software listed
      • Software configured
    • Inhouse software security
      • Software listed
      • Software configured
    • Access Control Measures
      • Identify Users and Authenticate Access to System Components
      • Restrict Access to System Components by Business Need to Know
    • Monitoring and Alerting
      • Log and Monitor All Access to the Scope
      • Setup alerting for critical events
    • Security routines
      • Complience controls
Powered by GitBook
On this page
  1. Checklist
  2. Third party software security

Software listed

Important here means important for business process

1

All important software listed

2

All vendors of the software are listed. No abandoned software. All licenses are valid. All security feed of vendors are listed and monitored.

3

Secure software configuration exists (script, config files).

4

Software configuration secure storage is set.

5

Changes management procedure described.

6

Urgent security update procedures set

Malicious software (malware) is software or firmware designed to infiltrate or damage a computer system without the owner's knowledge or consent, with the intent of compromising the confidentiality, integrity, or availability of the owner’s data, applications, or operating system.

Examples include viruses, worms, Trojans, spyware, ransomware, keyloggers, and rootkits, malicious code, scripts, and links. Malware can enter the network during many business-approved activities, including employee e-mail (for example, via phishing) and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Using anti-malware solutions that address all types of malware helps to protect systems from current and evolving malware threats.

PreviousThird party software securityNextSoftware configured

Last updated 1 year ago