Skip to content

Instantly share code, notes, and snippets.

@empireshades
Created December 29, 2018 03:58
Show Gist options
  • Save empireshades/1ec9bd8ec33257c5836f9cd84d8c4e58 to your computer and use it in GitHub Desktop.
Save empireshades/1ec9bd8ec33257c5836f9cd84d8c4e58 to your computer and use it in GitHub Desktop.
# CIS Controls
from: https://www.cisecurity.org/controls/
## Basic CIS Controls
1. Inventory and Control of Hardware Assets
2. Inventory and Control of Software Assets
3. Continuous Vulnerability Management
4. Controlled Use of Administrative Privileges
5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
6. Maintenance, Monitoring and Analysis of Audit Logs
## Foundational CIS Controls
7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and Control of Network Ports, Protocols and Services
10. Data Recovery Capabilities
11. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches
12. Boundary Defense
13. Data Protection
14. Controlled Access Based on the Need to Know
15. Wireless Access Control
16. Account Monitoring and Control
## Organizational CIS Controls
17. Implement a Security Awareness and Training Program
18. Application Software Security
19. Incident Response and Management
20. Penetration Tests and Red Team Exercises
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment