Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >SP 800-53
  3. >Configuration Management
  4. >SP800-53-CM-7(8)
SP800-53-CM-7(8)Active

Binary or Machine Executable Code

Statement

Prohibit the use of binary or machine-executable code from sources with limited or no warranty or without the provision of source code; and Allow exceptions only for compelling mission or operational requirements and with the approval of the authorizing official.

Location

Control Family
Configuration Management

Control Details

Identifier
SP800-53-CM-7(8)
Family
CM
Parent Control
SP800-53-CM-7

Supplemental Guidance

Binary or machine executable code applies to all sources of binary or machine-executable code, including commercial software and firmware and open-source software. Organizations assess software products without accompanying source code or from sources with limited or no warranty for potential security impacts. The assessments address the fact that software products without the provision of source code may be difficult to review, repair, or extend. In addition, there may be no owners to make such repairs on behalf of organizations. If open-source software is used, the assessments address the fact that there is no warranty, the open-source software could contain back doors or malware, and there may be no support available.

Assessment Objective

the use of binary or machine-executable code is prohibited when it originates from sources with limited or no warranty or without the provision of source code; exceptions to the prohibition of binary or machine-executable code from sources with limited or no warranty or without the provision of source code are allowed only for compelling mission or operational requirements; exceptions to the prohibition of binary or machine-executable code from sources with limited or no warranty or without the provision of source code are allowed only with the approval of the authorizing official.

No cross-framework mappings available

← Back to Configuration Management
Configuration Management66 controls
SP800-53-CM-1Policy and ProceduresSP800-53-CM-2Baseline ConfigurationSP800-53-CM-2(1)Reviews and UpdatesSP800-53-CM-2(2)Automation Support for Accuracy and CurrencySP800-53-CM-2(3)Retention of Previous ConfigurationsSP800-53-CM-2(4)Unauthorized SoftwareSP800-53-CM-2(5)Authorized SoftwareSP800-53-CM-2(6)Development and Test EnvironmentsSP800-53-CM-2(7)Configure Systems and Components for High-risk AreasSP800-53-CM-3Configuration Change ControlSP800-53-CM-3(1)Automated Documentation, Notification, and Prohibition of ChangesSP800-53-CM-3(2)Testing, Validation, and Documentation of ChangesSP800-53-CM-3(3)Automated Change ImplementationSP800-53-CM-3(4)Security and Privacy RepresentativesSP800-53-CM-3(5)Automated Security ResponseSP800-53-CM-3(6)Cryptography ManagementSP800-53-CM-3(7)Review System ChangesSP800-53-CM-3(8)Prevent or Restrict Configuration ChangesSP800-53-CM-4Impact AnalysesSP800-53-CM-4(1)Separate Test EnvironmentsSP800-53-CM-4(2)Verification of ControlsSP800-53-CM-5Access Restrictions for ChangeSP800-53-CM-5(1)Automated Access Enforcement and Audit RecordsSP800-53-CM-5(2)Review System ChangesSP800-53-CM-5(3)Signed ComponentsSP800-53-CM-5(4)Dual AuthorizationSP800-53-CM-5(5)Privilege Limitation for Production and OperationSP800-53-CM-5(6)Limit Library PrivilegesSP800-53-CM-5(7)Automatic Implementation of Security SafeguardsSP800-53-CM-6Configuration SettingsSP800-53-CM-6(1)Automated Management, Application, and VerificationSP800-53-CM-6(2)Respond to Unauthorized ChangesSP800-53-CM-6(3)Unauthorized Change DetectionSP800-53-CM-6(4)Conformance DemonstrationSP800-53-CM-7Least FunctionalitySP800-53-CM-7(1)Periodic ReviewSP800-53-CM-7(2)Prevent Program ExecutionSP800-53-CM-7(3)Registration ComplianceSP800-53-CM-7(4)Unauthorized Software — Deny-by-exceptionSP800-53-CM-7(5)Authorized Software — Allow-by-exceptionSP800-53-CM-7(6)Confined Environments with Limited PrivilegesSP800-53-CM-7(7)Code Execution in Protected EnvironmentsSP800-53-CM-7(8)Binary or Machine Executable CodeSP800-53-CM-7(9)Prohibiting The Use of Unauthorized HardwareSP800-53-CM-8System Component InventorySP800-53-CM-8(1)Updates During Installation and RemovalSP800-53-CM-8(2)Automated MaintenanceSP800-53-CM-8(3)Automated Unauthorized Component DetectionSP800-53-CM-8(4)Accountability InformationSP800-53-CM-8(5)No Duplicate Accounting of ComponentsSP800-53-CM-8(6)Assessed Configurations and Approved DeviationsSP800-53-CM-8(7)Centralized RepositorySP800-53-CM-8(8)Automated Location TrackingSP800-53-CM-8(9)Assignment of Components to SystemsSP800-53-CM-9Configuration Management PlanSP800-53-CM-9(1)Assignment of ResponsibilitySP800-53-CM-10Software Usage RestrictionsSP800-53-CM-10(1)Open-source SoftwareSP800-53-CM-11User-installed SoftwareSP800-53-CM-11(1)Alerts for Unauthorized InstallationsSP800-53-CM-11(2)Software Installation with Privileged StatusSP800-53-CM-11(3)Automated Enforcement and MonitoringSP800-53-CM-12Information LocationSP800-53-CM-12(1)Automated Tools to Support Information LocationSP800-53-CM-13Data Action MappingSP800-53-CM-14Signed Components