RedFox@infosec.pub to

cybersecurity@infosec.pubEnglish · 6 months ago

Technical Controls

1

1

Technical Controls

RedFox@infosec.pub to

cybersecurity@infosec.pubEnglish · 6 months ago

1

What sources of technical controls does your organization use?

Do you base device/operating system configurations on:

CIS workbench?
NIST/STIG?
Microsoft best practice?
Google searches and ‘that looks good’?

How closely rigorously does your organization enforce change management for policies or settings?

Can you change GPOs/Linux/Network device settings as needed?
During maintenance window?
After a group meeting with code/change review and some sort of approval authority?

You must log in or register to comment.

Chat

edric@lemm.ee
link
fedilink
English
arrow-up
0·
6 months ago
ISO27001 for policy development. CIS benchmarks for configuration. CIS controls for assessments. NIST for guidelines.

cybersecurity@infosec.pub

cybersecurity@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@infosec.pub

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
2 users / week
9 users / month
187 users / 6 months
0 local subscribers
3.17K subscribers
383 Posts
904 Comments
Modlog