One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 59479 |
| Date de publication | 2016-09-13 13:00:00 (vue: 2016-09-13 13:00:00) |
| Titre | Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 17: Data Protection |
| Texte | This is Part 17 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory of Authorized and Unauthorized Devices. Part 2 - we looked at Inventory of Authorized and Unauthorized Software. Part 3 - we looked at Secure Configurations. Part 4 - we looked at Continuous Vulnerability Assessment and Remediation. Part 5 - we looked at Malware Defenses. Part 6 - we looked at Application Security. Part 7 - we looked at Wireless Access Control. Part 8/9 – we looked at Data Recovery and Security Training. Part 10/11 - we looked at Secure Configurations for Network Devices such as Firewalls, Routers, and Switches and Limitation and Control of Network Ports, Protocols and Services. Part 12 - we looked at Controlled Use of Administrative Privileges Part 13 - we looked at Boundary Defense Part 14 - we looked at Maintenance, Monitoring and Analysis of Audit Logs Part 15 - We looked at Controlled Access Based on the Need to Know. |
| Notes | |
| Envoyé | Oui |
| Condensat | related 'how deploy 1+ 10/11 17: 2014 3rd 8/9 9th able above access accessed accidental account across action address addresses administrative administrators alerting algorithm algorithms alien all allow amazon analysis annual anomalies any appliance applicable application appropriate approved are areas ask assessment attackers attempting attempts audit authenticated authorities authorized automated automatically available aws azure barracuda based before between bitlocker block boundaries boundary breaches built business bypass can card cas center certain certificate certificates chain channel characteristics cis claim classified clear client cloud code commercial common community comodo compile comply concerns conduct configurations configure configured connection connections continuous control controlled controls covered cps credit cryptographic data decrypt deep defense defenses define dell deploy deployment detect determine device device's devices devs discover disk dlp document drive drives each edition effort email encrypt encrypted encryption encryptor enterprise enterprise; essential exceed exfiltrate exfiltration exit exposure eye file filevault firewall firewalls flow fork formerly free friday from full further futurex gartner's gpo hard hardware has hash health help here here: hold how hsms https identifiable identify implement import included infected info information inspection installing integrity internet inventory issue issues it's key keys keywords know known leaving left lengths lifecycle limitation linux list lists logs looked loss mac machines magic mail maintained maintenance malware management many mechanisms menu mobile modern modules monitor monitoring monitors more most move must mydlp need network networks nist normal not noted now number numbers offer offered often once only open opendlp organization organizations osx other outbound packet part partnering party patterns perform perimeters periodic personally personnel pii placed point policy ports posts practices present prevent prevention prevents previous private privileges procedure process processes professional property protection protocols provider proxy publicly quadrant recovery refer related remediate remediation required requires responsibilities review risks rogue roles routers saas safeguard safenet sans scan scanning scans section secure security sensitive septemberchanging serial server service services should sky software solution solutions solved sophos source specific statement storiessecurity sub subscription such suite summary supply supporting switches system systems taken taking terminate text thales than theft them therefore through to' tokens tool tools top traffic training transfer transfers truecrypt trust types unauthorized unique usb use used users using validation veracrypt verify vetted virtual vulnerability watchguard web websites what when where whereby whether which whitelist wifi will windows wireless wish within wizards worksthe write xtm your |
| Tags | |
| Stories | APT 17 |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.