6 min
Malware
The CIS Critical Controls Explained- Control 8: Malware Defenses
This is a continuation of our CIS critical security controls
[/2017/04/19/the-cis-critical-security-controls-series] blog series.
Workstations form the biggest threat surface in any organization. The CIS
Critical Security Controls
[https://www.rapid7.com/fundamentals/cis-critical-security-controls/] include
workstation and user-focused endpoint security in several of the controls, but
Control 8 (Malware Defenses) is the only control to strictly focus on antivirus
and malware across the organiza
5 min
CIS Controls
The CIS Critical Controls Explained - Control 7: Email and Web browser protection
This blog is a continuation of our blog post series around the CIS Critical
Controls
[https://www.rapid7.com/blog/post/2017/04/19/the-cis-critical-security-controls-series/]
.
The biggest threat surface in any organization is its workstations. This is the
reason so many of the CIS Critical Security Controls
[https://www.rapid7.com/fundamentals/cis-critical-security-controls/] relate to
workstation and user-focused endpoint security. It is also the reason that
workstation security is a multibill
3 min
CIS Controls
The CIS Critical Security Controls Explained - Control 1: Inventory and Control of Hardware Assets
The Rapid7 Security Advisory Service relies heavily on the CIS top 20 critical
controls as a framework for security program analysis because they are
universally applicable to information security and IT governance. Correct
implementation of all 20 of the critical controls greatly reduces security risk,
lowers operational costs, and significantly improves any organization's
defensive posture. The 20 critical controls are divided into Basic,
Foundational, and Organizational families, and each con
4 min
CIS Controls
The CIS Critical Security Controls Explained - Control 2: Inventory and Control of Software Assets
As I mentioned in our last post, the 20 critical controls
[https://www.rapid7.com/solutions/compliance/critical-controls/] are divided
into Basic, Foundational, and Organizational families in order to simplify
analysis and implementation. This also allows partial implementation of the
controls by security program developers who aren't building a program from
scratch, but want to apply all 20 of the controls. The first two controls of the
Center for Internet Security's (CIS) Critical Controls are