Center for Internet Security (CIS) Critical Security Controls: Technical Control Automation

Learn how to streamline conformance, communicate results and demonstrate defensible security with Tenable SecurityCenter Continuous View®

This paper provides insight into the ways Tenable SecurityCenter Continuous View® streamlines conformance with the Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (CSC) version 6.0. Specifically, it explains how SecurityCenter Continuous View helps meet the guidelines and practices outlined in the CSCs through automation of technical controls. These include:

• Account Monitoring and Control
• Data Protection
• Vulnerability Management
• Secure Configuration
• Hardware and Devices
• Software and Applications
• Logging and Monitoring
• Foundational Cyber Hygiene

Beyond automating technical controls, the paper explores how SecurityCenter Continuous View supports organization-wide reporting requirements through dynamically generated reports, dashboards and Assurance Report Cards® (ARCs).

Finally, the paper includes an appendix outlining the requirements in all of the CSC controls and sub-controls with corresponding automation capabilities provided by Tenable.