CIS Compliance with ESP
Center for Internet Security - CIS Compliance with ESP
The Center for Internet Security recommends that every company strive to reach the CIS top 20 Critical controls, formerly known as the SANS top 20 controls, these controls detail a minimum security strategy to build your organization’s cyber defense into a robust security infrastructure that combats most modern threats in order to retain the integrity of your cyber assets.
Use Elemental's Solution to implement, monitor and enforce CIS Controls
Elemental Security Platform (ESP) is one of the most advanced cybersecurity, compliance, and risk management automation platforms on the market. Resilient enterprise SaaS, it is scalable for any network security infrastructure, from small businesses to large enterprises. ESP offers easy out-of-the-box deployment, continuous and automated management, and auditor-proof enforcement of technical controls needed to implement CIS recommended controls and benchmarks. Hundred of controls in the form of actionable security policies can be deployed to your servers and other hosts in a matter of minutes, providing instant security configuration compliance visibility in your environment. Afterward, those controls are monitored and enforced 24/7, with precise reporting on policy outcomes available to your team with a click of a button.
Elemental's ESP technology goes beyond simple host security configuration checking and continuous compliance reporting, it enables automatic system hardening by enforceing most of the deployed technical controls. This is easily accomplished by deploying security policies with enforcement mode activated.
An example of enforceable SSL/TLS related controls/rules:
Note: the little hammer in front of a control/rule means 'Enforceable Rule'.
CIS Top 20 Critical Controls
Putting these security controls into practice is not a frivolous venture. Unprotected organizations are at risk of malware, ransomware, spyware, and DDos attacks that can hamper business productivity for days or weeks by loosing crucial access and sensitive data, both of which may never be re-attainable without a cyber protection plan. Implementing these basic security practices within your organization could vastly reduce your cyber exposure and eliminate these basic threats.
Most of the top 20 CIS Critical Controls can be implemented using Elemental's ESP solution, check details below:
|Control Ref. #||---- CIS TOP20 Control ----||Elemental Support|
|>>>>>>>||Basic CIS Controls|
|CBC-01||> Inventory and Control of Hardware Assets||YES - tell me more ..|
|CBC-02||> Inventory and Control of Software Assets||YES - tell me more ..|
|CBC-03||> Continuous Vulnerability Management||YES - tell me more ..|
|CBC-04||> Controlled Use of Administrative Privileges||YES - tell me more ..|
|CBC-05||> Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers |||YES - tell me more ..|
|CBC-06||> Maintenance, Monitoring and Analysis of Audit Logs||YES - tell me more ..|
|>>>>>>>||Foundational CIS Controls|
|CFC-07||> Email and Web Browser Protections||YES - tell me more ..|
|CFC-08||> Malware Defenses||YES - tell me more ..|
|CFC-09||> Limitation and Control of Network Ports, Protocols and Services||YES - tell me more ..|
|CFC-10||> Data Recovery Capabilities||N/A - tell me more ..|
|CFC-11||> Secure Configuration for Network Devices, such as Firewalls, Routers and Switches||N/A - tell me more ..|
|CFC-12||> Boundary Defense||YES - tell me more ..|
|CFC-13||> Data Protection||YES - tell me more ..|
|CFC-14||> Controlled Access Based on the Need to Know||YES - tell me more ..|
|CFC-15||> Wireless Access Control||YES - tell me more ..|
|CFC-16||> Account Monitoring and Control||YES - tell me more ..|
|>>>>>>>||Organizational CIS Controls|
|COC-17||> Implement a Security Awareness and Training Program||N/A - tell me more ..|
|COC-18||> Application Software Security||N/A - tell me more ..|
|COC-19||> Incident Response and Management||N/A - tell me more ..|
|COC-20||> Penetration Tests and Red Team Exercises||N/A - tell me more ..|