Building blocks are cybersecurity solutions that are applicable across multiple industry sectors. The Software Asset Management Building Block will help organizations inventory and assess the state of installed software across their IT systems.
This building block proposes a standardized approach to software asset management so that an organization has an integrated view of software throughout its lifecycle. It is a collaboration among NCCoE, NIST's Information Technology Lab, and the Department of Homeland Security, General Services Administration, and National Security Agency. The building block will support:
- Authorization and verification of software installation media – Verifies that the media is from a trusted software publisher and that the installation media has not been tampered with
- Software execution whitelisting – Verifies that the software is authorized to run and has not been tampered with
- Publication of installed software inventory – A device securely communicates what software is installed to an organization-wide database
- Software inventory-based network access control – A device's level of access to a network is determined by what software is or is not present on the device and whether its patches are up to date
We'd appreciate your comments. The comment period is open until January 17, 2014.