CIS v8 automatisering

CIS v8 automatisering

Automatisering af CIS v8 kontrollerne

Herunder ser du en liste med software og hardware løsninger, du kan bruge til at gøre implementeringen af de enkelte CIS kontroller mere robust.
Video om nyheder i CIS v8

CIS Kontroller version 8 
ME*  - ManageEngine. IG** - Implementeringsgrupper (PDF)

Implementering og kontrol med alle enterprise aktiver [5]
[IG1**:2 IG2:2 IG3:1]
Software

Lansweeper
RunZero
ME* Asset Explorer
SentinelOne Ranger
ImmuniWeb
SecurityTrails

Modenhedsvurdering
Dediko Modenhedsmodeller

Implementering og kontrol med alt enterprise software [7]
[IG1:3 IG2:3 IG3:1]

Software

Lansweeper
RunZero
ME Asset Explorer
ME DesktopCentral
ME Application Control
Thycotic Privilege Manager

Databeskyttelse [14]

[IG1:6 IG2:6 IG3:2]

Software

ME DataSecurity
ME FileAnalysis
ForcePoint DLP
Varonis Data Security Platform
NetWrix Data Classification
Sophos Firewall (Segmentation)
Fortinet Network (Segmentation)
ForcePoint CASB
Proofpoint CASB
NetWrix Auditor
Lepide

Sikker konfiguration af aktiver og software [12]
[IG1:7 IG2:4 IG3:1]

Software

Tenable.IO/.SC
Semperis AD Services Protector
ME DesktopCentral

Modenhedsvurdering
CSA Cloud Controls Matrix
CIS Benchmarks
Dediko Modenhedsmodeller
 

Kontostyring og -kontrol [6]

[IG1:4 IG2:2 IG3:0]

Software

ME ADManager/AD360
ME PasswordManager
Thycotic Secret Server
SpecOps
SpyCloud
NetWrix sPAM


Modenhedsvurdering
Dediko Modenhedsmodeller

Adgangsstyring [8]

[IG1:5 IG2:2 IG3:1]

Software

Thycotic Secret Server

Identity Access Management

ME PAM360
ME ADAudit
Onelogin/SailPoint

Kontinuerlig sårbarheds- administration og mitigering [7]
[IG1:4 IG2:3 IG3:0]

Software

Tenable.IO
ME DesktopCentral
ME PatchManager
ME Vulnerability Manager
BitSight 


Modenhedsvurdering
Dediko Modenhedsmodeller

Log management og SIEM [12]

[IG1:3 IG2:8 IG3:1]

Software

ME EventLogAnalyzer
Netsurion EventTracker
Dediko liste med danske SOC/IR


Audit løsninger
ME Cloud Security
ME ADAudit
Thycotic PBA
Varonis UEBA

Modenhedsvurdering
Dediko Modenhedsmodeller
 

E-mail og browserbeskyttelse [7]

[IG1:2 IG2:4 IG3:1]

Software

ME DesktopCentral
ME Browser Security
ProofPoint E-mail Potection
GreatHorn
Cyren
Sophos Email Security 

Malware forsvar [7]

[IG1:3 IG2:4 IG3:0]

Software

SentinelOne Singularity
Sophos Intercept X


Modenhedsvurdering
Dediko Modenhedsmodeller

Genskabelse af data [5]

[IG1:4 IG2:1 IG3:0]

Software

ME RecoveryManager
Semperis AD Forest Recovery
Netwrix StealthRecover
Veeam
Keepit

Administration af netværks- infrastruktur [8]
[IG1:1 IG2:6 IG3:1]

Software
Tenable.IO/.SC
ME Network Configuration Mngr
Fortinet Network Manager
 

Netværksovervågning og -forsvar [11]
[IG1:0 IG2:6 IG3:5]

Software/Hardware

Sophos Firewall
Fortinet Firewall
ME Firewall Analyzer
ME NetFlow Analyzer
ME OpManager

Cybersikkerhedstræning og kompetenceopgradering [9]
[IG1:8 IG2:1 IG3:0]

Software/Services

Proofpoint PSAT (PDF)
AwareGO
Sophos Awareness Training
Inspired eLearning

Administration af serviceudbydere (MSSP) [7]
[IG1:1 IG2:3 IG3:3]

Software/Hardware

Lansweeper
ForcePoint CASB
Proofpoint CASB
NetWrix Auditor
Lepide

Sikker udvikling af applikationssoftware [14]
[IG1:0 IG2:11 IG3:3]

Software/Services

Tenable.IO (Application test)
ImproSec Secure Development
sSDLC
SafeCode (Link/PDF)
 

Administration og håndtering af cyberhændelser [9]
[IG1:3 IG2:5 IG3:1]

Software/Services

ImmuniWeb
Tenable.IO
Dediko liste med danske SOC/IR

Pentest [5]
[IG1:0 IG2:3 IG3:2]

Software/Services

Cymulate
SentinelOne Vigilance
Sophos SOC
Dediko liste med danske SOC/IR
Privatlivspolitik Cookiepolitik Forretningsbetingelser