INCIDENT DETECTION & RESPONSE
CIS TOP 20 CRITICAL SECURITY CONTROLS
PRIORITIZE SECURITY CONTROLS FOR EFFECTIVENESS AGAINST REAL WORLD THREATS
The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls) is a prioritized set of best practices created to stop the most pervasive and dangerous threats of today. It was developed by leading security experts from around the world and is refined and validated every year.
As you probably know, simply being compliant is not enough to mitigate probable attacks and protect your critical information. While there's no silver bullet for security, organizations can reduce the chances of compromise by moving from a compliance-driven approach to a risk management approach focused on real-world effectiveness. Implementing the CIS Top 20 Critical Security Controls is a great way to protect your organization from some of the most common attacks.
In the 2016 ranking from SANS, Rapid7 was listed as the top solution provider addressing the CIS Top 20 Critical Security Controls. Click each control listed below to learn more about how Rapid7 can help.
7 Steps to Successfully Implement the CIS Top 20 Critical Controls
Rapid7 Global Services will evaluate and document the gaps in your asset discovery process to make recommendations for improving your inventory capabilities.
Rapid7 Global Services will evaluate the existing software discovery process, help build a software inventory, and enhance the existing program.
Rapid7 Global Services documents any existing system gold images, compares to the latest best practices, and recommends technology and procedures to improve.
Rapid7 Global Services will evaluate existing vulnerability management programs, document the workflow for remediation, and help develop a long-term plan.
Rapid7 Global Services observe system access policies and operational procedures to identify gaps in your security program and lay out a detailed plan to address them with an optimal least privilege model.
Rapid7 Global Services tailor to your organization's monitoring by evaluating your incident detection and response program, recommending best practices to enhance auditing and incident response plans, and augmenting, as necessary, with a fully managed detection and response team.
Rapid7 Global Services observe your security program, identify best practices for defanging email attachments, and recommend tools for protecting users from email and web threats.
Rapid7 Global Services evaluate existing processes, roles, and technologies for malware defenses to recommend the best next steps for each organization moving forward.
Rapid7 Global Services use industry best practices to help implement a realistic model for reducing risks that match each organization’s business with appropriate network controls.
Rapid7 Global Services documents any existing system gold images, compares to the latest best practices, and recommends technology and procedures to improve device configurations.
Rapid7 Global Services assist in formal threat modeling, documentation of existing defenses, and next steps for each organization to improve boundary defenses over time.
Rapid7 Global Services identify sensitive data, the systems that house it, and the best possible protection schemes to reduce chances of leakage and exfiltration.
Rapid7 Global Services observe system access policies and operational procedures to identify gaps and lay out a detailed plan to address them with an optimal least privilege model.
Rapid7 Global Services review existing wireless access points, network access controls, and usage of virtual LANs within each organization to identify any gaps and determine improvements in security.
Rapid7 Global Services examine existing authentication log review processes and help to ensure authentication control policies are followed appropriately.
Rapid7 Global Services customize security awareness training for your organization and determine if authentication control policies are followed appropriately.
Rapid7 Global Services evaluate your organization’s usage of third-party software and software development lifecycle (SDLC) to design the right application security policy for your organization.
Rapid7 Global Services optimize monitoring and incident response processes for each organization in complement to tabletop exercises and other simulated attack scenarios.
Rapid7 Global Services map out an appropriate penetration testing cadence for each organization in combination with blue team and other related exercises.