deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

better spacing

Browse Source
This commit is contained in:
Beth Levin 2019-03-22 16:44:03 -07:00
parent e9afffc292
commit 74925d2d65
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/intelligence/supply-chain-malware.md
View File

@ -52,10 +52,12 @@ To learn more about supply chain attacks, read this blog post called [attack inc
* Immediately apply security patches for OS and software. * Immediately apply security patches for OS and software.
* Implement mandatory integrity controls to ensure only trusted tools run. * Implement mandatory integrity controls to ensure only trusted tools run.
* Require multi-factor authentication for admins. * Require multi-factor authentication for admins.
* Build secure software updaters as part of the software development lifecycle. * Build secure software updaters as part of the software development lifecycle.
* Require SSL for update channels and implement certificate pinning. * Require SSL for update channels and implement certificate pinning.
* Sign everything, including configuration files, scripts, XML files, and packages. * Sign everything, including configuration files, scripts, XML files, and packages.
* Check for digital signatures, and dont let the software updater accept generic input and commands. * Check for digital signatures, and dont let the software updater accept generic input and commands.
* Develop an incident response process for supply chain attacks. * Develop an incident response process for supply chain attacks.
* Disclose supply chain incidents and notify customers with accurate and timely information * Disclose supply chain incidents and notify customers with accurate and timely information