SANS Top 20 Critical Security Controls
GPTKB entity
Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybersecurity framework
|
| gptkbp:alsoKnownAs |
gptkb:CIS_Controls
|
| gptkbp:basisFor |
risk assessments
security audits cybersecurity compliance programs |
| gptkbp:category |
cyber defense
risk management |
| gptkbp:developedBy |
gptkb:SANS_Institute
|
| gptkbp:firstPublished |
2008
|
| gptkbp:focusesOn |
prioritized cybersecurity best practices
|
| https://www.w3.org/2000/01/rdf-schema#label |
SANS Top 20 Critical Security Controls
|
| gptkbp:includesControl |
Data Protection
Limitation and Control of Network Ports, Protocols, and Services Account Monitoring and Control Application Software Security Boundary Defense Continuous Vulnerability Management Controlled Access Based on the Need to Know Controlled Use of Administrative Privileges Data Recovery Capabilities Email and Web Browser Protections Incident Response and Management Inventory and Control of Hardware Assets Inventory and Control of Software Assets Malware Defenses Penetration Tests and Red Team Exercises Secure Configuration for Hardware and Software Secure Configuration for Network Devices Security Skills Assessment and Training Maintenance, Monitoring, and Analysis of Audit Logs Wireless Access Control |
| gptkbp:maintainedBy |
gptkb:Center_for_Internet_Security
|
| gptkbp:numberOfControls |
20
|
| gptkbp:purpose |
improve cybersecurity posture
|
| gptkbp:referencedIn |
gptkb:HIPAA
gptkb:PCI_DSS gptkb:NIST gptkb:ISO/IEC_27001 gptkb:FISMA |
| gptkbp:targetAudience |
IT professionals
executives security practitioners |
| gptkbp:updated |
gptkb:CIS_Controls_v8
|
| gptkbp:usedBy |
private sector organizations
government organizations critical infrastructure |
| gptkbp:website |
https://www.cisecurity.org/controls/
|
| gptkbp:bfsParent |
gptkb:CIS_Controls
|
| gptkbp:bfsLayer |
7
|