END

Endpoint Security

47 controls

Harden endpoint devices to protect against reasonable threats to those devices and the data those devices store, transmit and process.

| SCF # | Control Name | Weight | NIST CSF | Frameworks |
|---|---|---|---|---|
| END-01 | Endpoint Device Management (EDM) | 10 — Critical | Govern | 100 |
| END-01.1 | Unified Endpoint Device Management (UEDM) | 6 — Medium | Protect | 1 |
| END-02 | Endpoint Protection Measures | 9 — Critical | Protect | 70 |
| END-03 | Prohibit Installation Without Privileged Status | 9 — Critical | Protect | 55 |
| END-03.1 | Software Installation Alerts | 8 — High | Protect | 18 |
| END-03.2 | Governing Access Restriction for Change | 8 — High | Protect | 38 |
| END-04 | Malicious Code Protection (Anti-Malware) | 10 — Critical | Detect | 110 |
| END-04.1 | Automatic Antimalware Signature Updates | 9 — Critical | Protect | 69 |
| END-04.2 | Documented Protection Measures | 3 — Low | Identify | 5 |
| END-04.3 | Centralized Management of Antimalware Technologies | 8 — High | Detect | 32 |
| END-04.4 | Heuristic / Nonsignature-Based Detection | 8 — High | Detect | 39 |
| END-04.5 | Malware Protection Mechanism Testing | 5 — Medium | Detect | 4 |
| END-04.6 | Evolving Malware Threats | 3 — Low | Detect | 7 |
| END-04.7 | Always On Protection | 9 — Critical | Detect | 29 |
| END-05 | Software Firewall | 9 — Critical | Protect | 15 |
| END-06 | Endpoint File Integrity Monitoring (FIM) | 8 — High | Protect | 57 |
| END-06.1 | Integrity Checks | 6 — Medium | Detect | 26 |
| END-06.2 | Endpoint Detection & Response (EDR) | 9 — Critical | Respond | 34 |
| END-06.3 | Automated Notifications of Integrity Violations | 5 — Medium | Respond | 11 |
| END-06.4 | Automated Response to Integrity Violations | 5 — Medium | Respond | 11 |
| END-06.5 | Boot Process Integrity | 5 — Medium | Protect | 6 |
| END-06.6 | Protection of Boot Firmware | 5 — Medium | Protect | 9 |
| END-06.7 | Binary or Machine-Executable Code | 5 — Medium | Protect | 9 |
| END-06.8 | Extended Detection & Response (XDR) | 5 — Medium | Protect | 1 |
| END-07 | Host Intrusion Detection and Prevention Systems (HIDS / HIPS) | 9 — Critical | Protect | 20 |
| END-08 | Phishing & Spam Protection | 10 — Critical | Protect | 50 |
| END-08.1 | Central Management | 5 — Medium | Protect | 18 |
| END-08.2 | Automatic Spam and Phishing Protection Updates | 8 — High | Protect | 24 |
| END-09 | Trusted Path | 9 — Critical | Protect | 6 |
| END-10 | Mobile Code | 4 — Medium | Detect | 41 |
| END-11 | Thin Nodes | 4 — Medium | Protect | 4 |
| END-12 | Port & Input / Output (I/O) Device Access | 6 — Medium | Protect | 9 |
| END-13 | Sensor Capability | 7 — High | Protect | 6 |
| END-13.1 | Authorized Use | 8 — High | Protect | 6 |
| END-13.2 | Notice of Collection | 6 — Medium | Identify | 5 |
| END-13.3 | Collection Minimization | 8 — High | Protect | 10 |
| END-13.4 | Sensor Delivery Verification | 4 — Medium | Protect | 3 |
| END-14 | Collaborative Computing Devices | 9 — Critical | Protect | 41 |
| END-14.1 | Disabling / Removal In Secure Work Areas | 5 — Medium | Protect | 5 |
| END-14.2 | Explicitly Indicate Current Participants | 5 — Medium | Protect | 6 |
| END-14.3 | Participant Identity Verification | 7 — High | Protect | 4 |
| END-14.4 | Participant Connection Management | 5 — Medium | Protect | 3 |
| END-14.5 | Malicious Link & File Protections | 7 — High | Protect | 4 |
| END-14.6 | Explicit Indication Of Use | 6 — Medium | Protect | 6 |
| END-15 | Hypervisor Access | 9 — Critical | Protect | 1 |
| END-16 | Restrict Access To Security Functions | 7 — High | Protect | 22 |
| END-16.1 | Host-Based Security Function Isolation | 7 — High | Protect | 20 |

The Secure Controls Framework (SCF) is maintained by SCF Council. Use of SCF content is subject to the SCF Terms & Conditions.
