7MS #284: The Quest for Critical Security Controls
7 Minute Security2 Nov 2017

7MS #284: The Quest for Critical Security Controls

For a long time I've been electronically in love with the Critical Security Controls. Not familiar with 'em? The CIS site describes them as:

The CIS Controls are a prioritized set of actions that protect your critical systems and data from the most pervasive cyber attacks. They embody the critical first steps in securing the integrity, mission, and reputation of your organization.

Cool, right? Yeah. And here are the top (first) 5 that many organizations start to tackle:

  1. Inventory of Authorized and Unauthorized Devices
  2. Inventory of Authorized and Unauthorized Software
  3. Secure Configurations for Hardware and Software
  4. Continuous Vulnerability Assessment and Remediation
  5. Controlled Use of Administrative Privileges

Google searches will show you that you can definitely buy expensive hardware/software to help you map to the CSCs, but I'm passionate about helping small businesses (and even home networks!) be more secure, so I'm on a quest to find implementable (if that's a word?) ways to put these controls in place.

I'm focusing on control #1 to start, and I've heard great things about using Fingbox (not a sponsor) to get the job done, but I'm also exploring other free options, such as nmap + some scripting magic.

More on today's episode...

Avsnitt(684)

7MS #107: I'm Going to PWAPT!

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Nov 20157min

7MS #106: A Day in the Life of an Information Security Analyst

7MS #106: A Day in the Life of an Information Security Analyst

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

30 Okt 201510min

7MS #105: OFFTOPIC-Big Bag of Random Sauce

7MS #105: OFFTOPIC-Big Bag of Random Sauce

Today's totally random episode covers: 1. How bad does this podcast's logo suck? 2. Does this podcast need a theme song? 3. Some interesting training I'm taking next week. 4. The Walking Dead - who should die? 5. Metal Gear Solid and my personal godmode strategy.

28 Okt 20159min

7MS #104: LANTurtle First Impressions

7MS #104: LANTurtle First Impressions

Hey I just got a LANTurtle and....these are my first impressions!

22 Okt 20157min

7MS #103: OFFTOPIC-I Was in a Movie Once

7MS #103: OFFTOPIC-I Was in a Movie Once

This is an off-topic episode about the time I was in the holiday comedy super-smash laugh-fest, Jingle All the Way.

20 Okt 20157min

7MS #102: Recon-ng!

7MS #102: Recon-ng!

I'm a big fan of Recon-ng and you should be too! Check it out - and learn more about Tim Tomes, its creator - at www.lanmaster53.com. And here's the video I mentioned in the podcast - my first look at Recon-ng in action: https://www.youtube.com/watch?v=vkmNTNl6urw

15 Okt 20158min

7MS #101: OFFTOPIC-I Am Chris Farley

7MS #101: OFFTOPIC-I Am Chris Farley

The new(ish) Chris Farley documentary is fantastic - see it!

14 Okt 20157min

7MS #100: Assessment Curses Can Be Blessings

7MS #100: Assessment Curses Can Be Blessings

Ever had an assessment that you thought would be the death of you? I had one recently, but after sticking it out, it turned out to be a blessing in disguise.

9 Okt 20157min

Populärt inom Politik & nyheter

p3-krim
svd-dokumentara-berattelser-2
rss-krimstad
flashback-forever
rss-viva-fotboll
olyckan-inifran
aftonbladet-daily
rss-vad-fan-hande
rss-sanning-konsekvens
svenska-fall
krimmagasinet
rss-expressen-dok
motiv
fordomspodden
svd-nyhetsartiklar
dagens-eko
rss-frandfors-horna
blenda-2
spar
spotlight