COMPLIANCE SOLUTIONS

CIS Top 20 Security Controls

Meet CIS Top 20 Security Controls requirements with privileged access management and vulnerability management solutions from BeyondTrust.

Simplifying CIS Top 20 Security Controls Compliance

Originally developed in 2008 and currently on version 6.1, The Center for Internet Security’s Critical Security Controls for Effective Cyber Defense (known as the CIS Top 20 Controls) are, “a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks.” Seen as a starting point for prioritizing cyber defense, the CIS Top 20 Controls map to many existing frameworks such as the NIST Cybersecurity FrameworkNIST 800-53ISO 27000 and regulations such as PCIHIPAANERC CIP, and FISMA. The Top 20 CIS Controls have been adopted by thousands of enterprises worldwide.

If you’re just getting started with the CIS Top 20 Controls, or are looking for a way to make better use of those controls with the multiple regulations your organization is beholden to – good news! We’ve already done the work of mapping BeyondTrust’s solutions for privileged access management and vulnerability management to the controls. In fact, BeyondTrust solutions address all or part of 19 out of the 20 controls, and each of the all-important First 5 CIS Controls that seek to address the majority of cyber risks.

Address CIS Top 20 Security Controls Requirements with BeyondTrust Cybersecurity Solutions

BeyondTrust solutions address all or part of 19 out of the 20 controls, and each of the all-important First 5 CIS Controls that seek to address the majority of cyber risks.

1. Inventory of Authorized and Unauthorized Devices 

1. Inventory of Authorized and Unauthorized Devices 

Identify, profile and manage known and unknown devices, including network (local and remote), web, mobile, cloud, IoT and virtual assets.

GET THE GUIDE

2. Inventory of Authorized and Unauthorized Software 

2. Inventory of Authorized and Unauthorized Software 

Gather information including IP, DNS, OS, MAC address, ports, services, software, processes, hardware, event logs and more.

GET THE GUIDE

3. Secure Configurations for Hardware & Software 

3. Secure Configurations for Hardware & Software 

Validate and report on audit settings, security settings, user rights, logging configuration and more.

GET THE GUIDE

4. Continuous Vulnerability Assessment & Remediation 

4. Continuous Vulnerability Assessment & Remediation 

Perform large-scale, cross-platform vulnerability assessment and leverage integrated patch management capabilities.

GET THE GUIDE

5. Controlled Use of Administrative Privileges 

5. Controlled Use of Administrative Privileges 

Protect administrator, root, and other privileged accounts and implement password and privilege management controls across Windows, Unix/Linux and Mac environments.

GET THE GUIDE