National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NIST Special Publication 800-53 (Rev. 4)

Security and Privacy Controls for Federal Information Systems and Organizations

SC-44 DETONATION CHAMBERS

Family:
SC - SYSTEM AND COMMUNICATIONS PROTECTION
Class:
Priority:
P0 - Unspecified priority.
Baseline Allocation:
Low Moderate High
N/A N/A N/A

Control Description

The organization employs a detonation chamber capability within [Assignment: organization-defined information system, system component, or location].

Supplemental Guidance

Detonation chambers, also known as dynamic execution environments, allow organizations to open email attachments, execute untrusted or suspicious applications, and execute Universal Resource Locator (URL) requests in the safety of an isolated environment or virtualized sandbox. These protected and isolated execution environments provide a means of determining whether the associated attachments/applications contain malicious code. While related to the concept of deception nets, the control is not intended to maintain a long-term environment in which adversaries can operate and their actions can be observed. Rather, it is intended to quickly identify malicious code and reduce the likelihood that the code is propagated to user environments of operation (or prevent such propagation completely).

Related to: SC-7SC-25SC-26SC-30

Control Enhancements

None.

References

None.