258 – Filter website content

Summary

The organization must filter the content of websites accessed from a location belonging to the same entity (Output Proxy).

Description

This requirement allows organizations to manage and control internet usage, protect against threats, and ensure that employees adhere to security policies, contributing to a secure environment and enhancing the overall performance of the network.

Supported In

Advanced: True

References

• CIS-9_2. Use DNS filtering services
• MITRE-M1021. Restrict web-based content
• MITRE-M1037. Filter network traffic
• ISO27002-8_22. Web filtering
• IEC62443-RDF-5_2. Zone boundary protection
• IEC62443-RDF-5_3. User content filtering
• OSSTMM3-11_3_1. Data networks security (active detection verification) - Filtering
• WASC-A_42. Abuse of functionality
• ISSAF-G_14. Network security - Firewalls (countermeasures)
• PTES-7_3_1_5. Post exploitation - Network infrastructure analysis (proxy servers)
• C2M2-9_2_g. Implement network protections for cybersecurity architecture
• SIG-N_1_3. Network security
• ISO27001-8_22. Web filtering

Last updated

2024/01/18