← Back to catalog
SC-44

Detonation Chambers

System and Communications Protection (SC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Employ a detonation chamber capability within [assignment].

Discussion

Detonation chambers, also known as dynamic execution environments, allow organizations to open email attachments, execute untrusted or suspicious applications, and execute Universal Resource Locator requests in the safety of an isolated environment or a virtualized sandbox. Protected and isolated execution environments provide a means of determining whether the associated attachments or applications contain malicious code. While related to the concept of deception nets, the employment of detonation chambers is not intended to maintain a long-term environment in which adversaries can operate and their actions can be observed. Rather, detonation chambers are intended to quickly identify malicious code and either reduce the likelihood that the code is propagated to user environments of operation or prevent such propagation completely.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.