Security Controls

🛡️ Security Controls

Relevant security controls from major frameworks:

CIS Critical Security Controls® v8.0

10.110.512.213.414.8
Hide Control Details (5 controls)
10.1Deploy and Maintain Anti-Malware Software
DevicesProtect
Deploy and maintain anti-malware software on all enterprise assets.
10.5Enable Anti-Exploitation Features
DevicesProtect
Enable anti-exploitation features on enterprise assets and software, where possible, such as Microsoft® Data Execution Prevention (DEP), Windows® Defender Exploit Guard (WDEG), or Apple® System Integrity Protection (SIP) and Gatekeeper™.
12.2Establish and Maintain a Secure Network Architecture
NetworkProtect
Establish and maintain a secure network architecture. A secure network architecture must address segmentation, least privilege, and availability, at a minimum.
13.4Perform Traffic Filtering Between Network Segments
NetworkProtect
Perform traffic filtering between network segments, where appropriate.
14.8Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks
N/AProtect
Train workforce members on the dangers of connecting to, and transmitting data over, insecure networks for enterprise activities. If the enterprise has remote workers, training must include guidance to ensure that all users securely configure their home network infrastructure.
Attribution

Copyright Notice
© 2025 Center for Internet Security, Inc. ("CIS"). All rights reserved.

License
This product/service incorporates the CIS Critical Security Controls® with the express permission of the Center for Internet Security, Inc. Use of the CIS Controls in this commercial offering is authorized under a commercial license granted by CIS.

Trademark Notice
"CIS®" and "CIS Critical Security Controls®" are registered trademarks of the Center for Internet Security, Inc. and are used under license.

Source Reference
The original CIS Critical Security Controls are available, free of charge for non-commercial use, at: https://www.cisecurity.org/controls.

Disclaimer
CIS does not endorse, certify, or warrant this product/service. Any views or interpretations are those of Paranoid Cybersecurity, not CIS.