Collaborate Disseminate
The cloud continues to expand with new products and services constantly introduced by cloud service providers (CSPs). The Center for Internet Security (CIS) responded with more resources to help secure these capabilities in the cloud. The Beginner’s Gu… Continue reading Secure cloud products and services with new CIS Benchmarks
The Center for Internet Security (CIS) recently celebrated 20 years of bringing confidence to the connected world with consensus-based security guidance. The first CIS Benchmark was released in 2000. Today, there are more than 100 CIS Benchmarks config… Continue reading The CIS Benchmarks community consensus process
Configuration management can be challenging. IT teams can become overwhelmed between various standards, compliance requirements, and security options. As the popularity of remote work grows, so does the complexity of implementing secure configurations…. Continue reading How to automate configuration review
Secure configurations are a key best practice for limiting an organization’s cyber vulnerabilities. Since systems don’t ship securely, it’s important to review and implement recommended guidance. Configure systems securely with the CIS Benchmarks The C… Continue reading How to implement secure configurations more quickly
Creating a cybersecurity plan is the first step in starting secure and staying secure. Consider this when planning a budget, getting support from staff, and creating company goals. Here are the five essential Ws for getting started. Why you should add … Continue reading The 5 Ws for building a strong cybersecurity plan
Creating a cybersecurity plan is the first step in starting secure and staying secure. Consider this when planning a budget, getting support from staff, and creating company goals. Here are the five essential Ws for getting started. Why you should add … Continue reading The 5 Ws for building a strong cybersecurity plan
Creating a cybersecurity plan is the first step in starting secure and staying secure. Consider this when planning a budget, getting support from staff, and creating company goals. Here are the five essential Ws for getting started. Why you should add … Continue reading The 5 Ws for building a strong cybersecurity plan
Elastic announced that it has entered into a definitive agreement to acquire build.security, a policy definition and enforcement platform that leverages the open source standard Open Policy Agent (OPA), to enable organizations to enforce security actio… Continue reading Elastic acquires build.security to enforce security actions for cloud native environments
Open Cybersecurity Alliance (OCA) announced it has accepted IBM’s contribution of Kestrel, an open-source programming language for threat hunting that is used by Security Operations Center (SOC) analysts and other cybersecurity professionals. Kestrel s… Continue reading IBM provides Kestrel, a threat hunting tool, to Open Cybersecurity Alliance
Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many… Continue reading What’s New in v8 of the CIS Controls