SI-16 Memory Protection

System and Information Integrity

Moderate High

Description

Implement the following controls to protect the system memory from unauthorized code execution: [Assignment: organization-defined parameters].

Supplemental Guidance

Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Controls employed to protect memory include data execution prevention and address space layout randomization. Data execution prevention controls can either be hardware-enforced or software-enforced with hardware enforcement providing the greater strength of mechanism.

Changes from Rev 4

No significant title changes from Rev 4.

MITRE ATT&CK Techniques (36)

ATT&CK v16.1

Techniques mitigated by this control, mapped via CTID.

Execution: 11, Persistence: 5, Privilege Escalation: 8, Defense Evasion: 15, Credential Access: 1, Impact: 3

Compliance Mappings

COBIT 2019

DSS05

CIS Controls v8

CIS 10, CIS 10.5, CIS 13.7

PCI DSS v4.0.1

5.26.2

IEC 62443

3-3 SR 3.4

MAS TRM

11

APRA CPS 234

Para 22-23

BSI IT-Grundschutz

OPS.1.1.4, SYS.1.1, SYS.2.1

ANSSI

Hygiene.21

FINMA Circular 2023/1

IV.C(64), IV.C(65)

OSFI B-13

B-13.3.2

EU DORA

Art.10(1)

RBI CSF

Annex1.13

FISC Security Guidelines

FISC.T7

HKMA TM-E-1

TME1.7.3

EU CRA

CRA.I.2k

SAMA CSF

3.3

NCA ECC

2-142-3

UAE IA

T7

Qatar NIA

OS

CBUAE

CR-7

CBE CSF

CTO-7

SA JS2

JS2-7.2, JS2-8.4

CBN CSF

Part3.3

BoG CISD

CISD-VI

IOSCO Cyber Resilience

DET-2

CPMI-IOSCO PFMI

CG.PR

FFIEC IS

II.C.12

ECB CROE

CROE.2.3.4

SEBI CSCRF

PR.ES

BOT Cyber Resilience

Ch2.6

CMMC 2.0

SI

10 CFR 73.54

RG5.71-A-SI

IEEE 1686-2022

5.3

PCI PTS v6

B

Common Criteria

CC Part 2 — FPT

Lloyd's Minimum Standards

MS8.10

FDA Cybersecurity Guidance

SA-3

OWASP MASVS v2.1

MASVS-CODE-4