Info

We have the Excel version of this mapping file for download here (attached file): CSCIS_Mappings.xlsx


| Control | SubControl | IG | SubControl Description | Covers Control | SubControl Comments |
|---|---|---|---|---|---|
| 1 | 1 | 1 | Establish and Maintain Detailed Enterprise Asset Inventory | Facilitates | ConnectSecure establishes and maintains a detailed enterprise asset inventory through its comprehensive scanning platform, which includes features for vulnerability and compliance management, prioritization of issues, automated reporting, and asset discovery using probes. These capabilities enable IT professionals to keep an accurate, detailed, and up-to-date inventory of all assets that have the potential to store or process data. |
| 1 | 2 | 1 | Address Unauthorized Assets | Facilitates | ConnectSecure addresses unauthorized assets through active discovery methods and policy enforcement. The platform uses network probe technology to discover all IP-based assets on a network. This includes both authorized and unauthorized assets. Once an unauthorized asset is detected, ConnectSecure provides options to deal with it. These options may include removing the asset from the network, denying it the ability to connect remotely to the network, or quarantining it to isolate it from other assets. This process is in line with the recommendations of CIS Control 1: Inventory and Control of Enterprise Assets, which suggests addressing unauthorized assets every week. |
| 1 | 3 | 2 | Utilize an Active Discovery Tool | Partial | ConnectSecure uses an active discovery tool to identify and manage assets on a network, providing a comprehensive and up-to-date inventory of assets. This is achieved through automated network scans powered by Network Probe Technology and is supplemented by passive discovery methods for a more complete view of the network. |
| 1 | 4 | 2 | Use DHCP Logging to update asset inventory | | |
| 1 | 5 | 3 | Use a Passive Asset Discovery Tool | | |
| 2 | 1 | 1 | Establish and Maintain a Software Inventory | Facilitates | ConnectSecure establishes and maintains a software inventory by leveraging its comprehensive cybersecurity scanning platform, which is designed to align with the NIST framework. This platform includes key features such as vulnerability management and compliance management, both of which play crucial roles in identifying and documenting software assets within an organization. |
| 2 | 2 | 1 | Ensure Authorized Software is Currently Supported | Facilitates | ConnectSecure's platform is designed to identify a wide range of system vulnerabilities, including those related to outdated or unsupported software. This is achieved through its vulnerability management feature, which proactively identifies and addresses security weaknesses. |
| 2 | 3 | 1 | Address Unauthorized Software | Facilitates | By using Whitelists, you can surface when unapproved applications are installed and take action through normal removal procedures. |
| 2 | 4 | 2 | Utilize Automated Software Inventory Tools | Partial | ConnectSecure utilizes automated software inventory tools to maintain an up-to-date and accurate record of all software assets within an organization, which is crucial for identifying vulnerabilities and ensuring compliance with various standards. |
| 2 | 5 | 2 | Allowlist Authorized Software | Facilitates | |
Info

Check out the CIS Controls Navigator for more insight into CIS Controls and Mappings: https://www.cisecurity.org/controls/cis-controls-navigator

Attached export: CIS-Controls-Navigator-Export-2024-05-08T16_06_32.xlsx

| Control | SubControl | IG | SubControl Description | Coverage |
|---|---|---|---|---|
| 1 | 1 | 1 | Establish and Maintain Detailed Enterprise Asset Inventory | Facilitates |
| 1 | 2 | 1 | Address Unauthorized Assets | Facilitates |
| 1 | 3 | 2 | Utilize an Active Discovery Tool | Partial |
| 1 | 4 | 2 | Use DHCP Logging to update asset inventory | |
| 1 | 5 | 3 | Use a Passive Asset Discovery Tool | |
| 2 | 1 | 1 | Establish and Maintain a Software Inventory | Facilitates |
| 2 | 2 | 1 | Ensure Authorized Software is Currently Supported | Facilitates |
| 2 | 3 | 1 | Address Unauthorized Software | Facilitates |
| 2 | 4 | 2 | Utilize Automated Software Inventory Tools | Partial |
| 2 | 5 | 2 | Allowlist Authorized Software | Facilitates |
| 2 | 6 | 2 | Allowlist Authorized Libraries | |
| 2 | 7 | 3 | Allowlist Authorized Scripts | |
| 3 | 1 | 1 | Establish and Maintain a Data Management Process | |
| 3 | 2 | 1 | Establish and Maintain a Data Inventory | Facilitates (see comment below) |
| 3 | 3 | 1 | Configure Data Access Control Lists | |
| 3 | 4 | 1 | Enforce Data Retention | |
| 3 | 5 | 1 | Securely Dispose of Data | |
| 3 | 6 | 1 | Encrypt Data on End-User Devices | |
| 3 | 7 | 2 | Establish and Maintain a Data Classification Scheme | |
| 3 | 8 | 2 | Document Data Flows | |
| 3 | 9 | 2 | Encrypt Data on Removable Media | |
| 3 | 10 | 2 | Encrypt Sensitive Data In Transit | |
| 3 | 11 | 2 | Encrypt Sensitive Data at Rest | |
| 3 | 12 | 2 | Segment Data Processing and Storage Based on Sensitivity | |
| 3 | 13 | 3 | Deploy a Data Loss Prevention Solution | Facilitates |
| 3 | 14 | 3 | Log Sensitive Data Access | |
| 4 | 1 | 1 | Establish and Maintain a Secure Configuration Process | Facilitates |
| 4 | 2 | 1 | Establish and Maintain a Secure Configuration Process for Network Infrastructure | |
| 4 | 3 | 1 | Configure Automatic Session Locking on Enterprise Assets | Facilitates |
| 4 | 4 | 1 | Implement and Manage a Firewall on Servers | Facilitates |
| 4 | 5 | 1 | Implement and Manage a Firewall on End-User Devices | Facilitates |
| 4 | 6 | 1 | Securely Manage Enterprise Assets and Software | |
| 4 | 7 | 1 | Manage Default Accounts on Enterprise Assets and Software | Facilitates |
| 4 | 8 | 2 | Uninstall or Disable Unnecessary Services on Enterprise Assets and Software | Facilitates |
| 4 | 9 | 2 | Configure Trusted DNS Servers on Enterprise Assets | |
| 4 | 10 | 2 | Enforce Automatic Device Lockout on Portable End-User Devices | Facilitates |
| 4 | 11 | 2 | Enforce Remote Wipe Capability on Portable End-User Devices | |
| 4 | 12 | 3 | Separate Enterprise Workspaces on Mobile End-User Devices | |
| 5 | 1 | 1 | Establish and Maintain an Inventory of Accounts | Facilitates |
| 5 | 2 | 1 | Use Unique Passwords | Facilitates |
| 5 | 3 | 1 | Disable Dormant Accounts | Facilitates |
| 5 | 4 | 1 | Restrict Administrator Privileges to Dedicated Administrator Accounts | |
| 5 | 5 | 2 | Establish and Maintain an Inventory of Service Accounts | Facilitates |
| 5 | 6 | 2 | Centralize Account Management | |
| 6 | 1 | 1 | Establish an Access Granting Process | |
| 6 | 2 | 1 | Establish an Access Revoking Process | |
| 6 | 3 | 1 | Require MFA for Externally-Exposed Applications | |
| 6 | 4 | 1 | Require MFA for Remote Network Access | |
| 6 | 5 | 1 | Require MFA for Administrative Access | |
| 6 | 6 | 2 | Establish and Maintain an Inventory of Authentication and Authorization Systems | |
| 6 | 7 | 2 | Centralize Access Control | |
| 6 | 8 | 3 | Define and Maintain Role-Based Access Control | |
| 7 | 1 | 1 | Establish and Maintain a Vulnerability Management Process | Facilitates |
| 7 | 2 | 1 | Establish and Maintain a Remediation Process | Facilitates |
| 7 | 3 | 1 | Perform Automated Operating System Patch Management | Partial |
| 7 | 4 | 1 | Perform Automated Application Patch Management | Partial |
| 7 | 5 | 2 | Perform Automated Vulnerability Scans of Internal Enterprise Assets | Fully |
| 7 | 6 | 2 | Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets | Fully |
| 7 | 7 | 2 | Remediate Detected Vulnerabilities | Partial |
| 8 | 1 | 1 | Establish and Maintain an Audit Log Management Process | |
| 8 | 2 | 1 | Collect Audit Logs | |
| 8 | 3 | 1 | Ensure Adequate Audit Log Storage | |
| 8 | 4 | 2 | Standardize Time Synchronization | Facilitates |
| 8 | 5 | 2 | Collect Detailed Audit Logs | |
| 8 | 6 | 2 | Collect DNS Query Audit Logs | |
| 8 | 7 | 2 | Collect URL Request Audit Logs | |
| 8 | 8 | 2 | Collect Command-Line Audit Logs | |
| 8 | 9 | 2 | Centralize Audit Logs | |
| 8 | 10 | 2 | Retain Audit Logs | |
| 8 | 11 | 2 | Conduct Audit Log Reviews | |
| 8 | 12 | 3 | Collect Service Provider Logs | |
| 9 | 1 | 1 | Ensure Use of Only Fully Supported Browsers and Email Clients | Facilitates |
| 9 | 2 | 1 | Use DNS Filtering Services | |
| 9 | 3 | 2 | Maintain and Enforce Network-Based URL Filters | |
| 9 | 4 | 2 | Restrict Unnecessary or Unauthorized Browser and Email Client Extensions | |
| 9 | 5 | 2 | Implement DMARC | |
| 9 | 6 | 2 | Block Unnecessary File Types | |
| 9 | 7 | 3 | Deploy and Maintain Email Server Anti-Malware Protections | |
| 10 | 1 | 1 | Deploy and Maintain Anti-Malware Software | |
| 10 | 2 | 1 | Configure Automatic Anti-Malware Signature Updates | |
| 10 | 3 | 1 | Disable Autorun and Autoplay for Removable Media | |
| 10 | 4 | 2 | Configure Automatic Anti-Malware Scanning of Removable Media | |
| 10 | 5 | 2 | Enable Anti-Exploitation Features | |
| 10 | 6 | 2 | Centrally Manage Anti-Malware Software | |
| 10 | 7 | 3 | Use Behavior-Based Anti-Malware Software | |
| 11 | 1 | 1 | Establish and Maintain a Data Recovery Process | |
| 11 | 2 | 1 | Perform Automated Backups | |
| 11 | 3 | 1 | Protect Recovery Data | |
| 11 | 4 | 1 | Establish and Maintain an Isolated Instance of Recovery Data | |
| 11 | 5 | 2 | Test Data Recovery | |
| 12 | 1 | 1 | Ensure Network Infrastructure is Up-to-Date | Facilitates |
| 12 | 2 | 2 | Establish and Maintain a Secure Network Architecture | |
| 12 | 3 | 2 | Securely Manage Network Infrastructure | |
| 12 | 4 | 2 | Establish and Maintain Architecture Diagram(s) | |
| 12 | 5 | 2 | Centralize Network Authentication, Authorization, and Auditing (AAA) | |
| 12 | 6 | 2 | Use of Secure Network Management and Communication Protocols | |
| 12 | 7 | 2 | Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure | |
| 12 | 8 | 3 | Establish and Maintain Dedicated Computing Resources for All Administrative Work | |
| 13 | 1 | 2 | Centralize Security Event Alerting | |
| 13 | 2 | 2 | Deploy a Host-Based Intrusion Detection Solution | |
| 13 | 3 | 2 | Deploy a Network Intrusion Detection Solution | |
| 13 | 4 | 2 | Perform Traffic Filtering Between Network Segments | |
| 13 | 5 | 2 | Manage Access Control for Remote Assets | |
| 13 | 6 | 2 | Collect Network Traffic Flow Logs | |
| 13 | 7 | 3 | Deploy a Host-Based Intrusion Prevention Solution | |
| 13 | 8 | 3 | Deploy a Network Intrusion Prevention Solution | |
| 13 | 9 | 3 | Deploy Port-Level Access Control | |
| 13 | 10 | 3 | Perform Application Layer Filtering | |
| 13 | 11 | 3 | Tune Security Event Alerting Thresholds | |
| 14 | 1 | 1 | Establish and Maintain a Security Awareness Program | |
| 14 | 2 | 1 | Train Workforce Members to Recognize Social Engineering Attacks | |
| 14 | 3 | 1 | Train Workforce Members on Authentication Best Practices | |
| 14 | 4 | 1 | Train Workforce on Data Handling Best Practices | |
| 14 | 5 | 1 | Train Workforce Members on Causes of Unintentional Data Exposure | |
| 14 | 6 | 1 | Train Workforce Members on Recognizing and Reporting Security Incidents | |
| 14 | 7 | 1 | Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates | |
| 14 | 8 | 1 | Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks | |
| 14 | 9 | 2 | Conduct Role-Specific Security Awareness and Skills Training | |
| 15 | 1 | 1 | Establish and Maintain an Inventory of Service Providers | |
| 15 | 2 | 2 | Establish and Maintain a Service Provider Management Policy | |
| 15 | 3 | 2 | Classify Service Providers | |
| 15 | 4 | 2 | Ensure Service Provider Contracts Include Security Requirements | |
| 15 | 5 | 3 | Assess Service Providers | |
| 15 | 6 | 3 | Monitor Service Providers | |
| 15 | 7 | 3 | Securely Decommission Service Providers | |
| 16 | 1 | 2 | Establish and Maintain a Secure Application Development Process | |
| 16 | 2 | 2 | Establish and Maintain a Process to Accept and Address Software Vulnerabilities | |
| 16 | 3 | 2 | Perform Root Cause Analysis on Security Vulnerabilities | |
| 16 | 4 | 2 | Establish and Manage an Inventory of Third-Party Software Components | |
| 16 | 5 | 2 | Use Up-to-Date and Trusted Third-Party Software Components | |
| 16 | 6 | 2 | Establish and Maintain a Severity Rating System and Process for Application Vulnerabilities | |
| 16 | 7 | 2 | Use Standard Hardening Configuration Templates for Application Infrastructure | |
| 16 | 8 | 2 | Separate Production and Non-Production Systems | |
| 16 | 9 | 2 | Train Developers in Application Security Concepts and Secure Coding | |
| 16 | 10 | 2 | Apply Secure Design Principles in Application Architectures | |
| 16 | 11 | 2 | Leverage Vetted Modules or Services for Application Security Components | |
| 16 | 12 | 3 | Implement Code-Level Security Checks | |
| 16 | 13 | 3 | Conduct Application Penetration Testing | |
| 16 | 14 | 3 | Conduct Threat Modeling | |
| 17 | 1 | 1 | Designate Personnel to Manage Incident Handling | |
| 17 | 2 | 1 | Establish and Maintain Contact Information for Reporting Security Incidents | |
| 17 | 3 | 1 | Establish and Maintain an Enterprise Process for Reporting Incidents | |
| 17 | 4 | 2 | Establish and Maintain an Incident Response Process | |
| 17 | 5 | 2 | Assign Key Roles and Responsibilities | |
| 17 | 6 | 2 | Define Mechanisms for Communicating During Incident Response | |
| 17 | 7 | 2 | Conduct Routine Incident Response Exercises | |
| 17 | 8 | 2 | Conduct Post-Incident Reviews | |
| 17 | 9 | 3 | Establish and Maintain Security Incident Thresholds | |
| 18 | 1 | 2 | Establish and Maintain a Penetration Testing Program | |
| 18 | 2 | 2 | Perform Periodic External Penetration Tests | |
| 18 | 3 | 2 | Remediate Penetration Test Findings | |
| 18 | 4 | 3 | Validate Security Measures | |
| 18 | 5 | 3 | Perform Periodic Internal Penetration Tests | |

Comment on 3.2 (Establish and Maintain a Data Inventory): ConnectSecure helps establish and maintain a data inventory by providing a comprehensive cybersecurity scanning platform that includes features for compiling a detailed inventory of applications, hardware, and network information. This platform also includes features for vulnerability management and compliance management, and it integrates with other systems to enhance its data inventory capabilities.