Department of Homeland Security – Application Whitelisting (AWL): Strategic Planning Guide
3.4 3.4.8 Configuration Management
https://www.cisa.gov/sites/default/files/cdm_files/FNR_NIS_OTH_AWL_Strategic_Planning_Guide.pdf
This document highlights and summarizes the types of choices, and the related decisions, that need to be made prior to starting the planning process.
Fortra – CIS Control 02: Inventory and Control of Software Assets
3.4 3.4.8
https://www.tripwire.com/state-of-security/cis-control-2
This blog goes over Control 2 from version 8.1 of the top 18 CIS Controls – Inventory and Control of Software Assets. It discusses the seven safeguards and offers thoughts and information
NIST SP 800-53: CM-7 Least Functionality
3.4 3.4.7 3.4.8
https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=CM-07
NIST resource that defines requirements for configuring information systems to provide only essential capabilities such as restricting / blacklisting software.
