Date: Nov 22, 2025, 12:44:41 AM
Date: Aug 8, 2025, 8:06:01 PM
Editor: S3cN3tSys
Name:
Name: CIS Controls v8 safeguards
Description:
Description: CIS Controls are a prioritized set of Safeguards to mitigate the most prevalent cyber-attacks against systems and networks.
Format of the recommendations:
code: concatenation of
- safeguard identifier
- asset Type: Devices, Applications, Data Network, Users or N/A
- security function: Identify, Protect, Detect, Respond or Recover
- minimal implementation group: IG1, IG2, IG3
description: concatenation of
- control
- safeguard title
| t | 1 | {} | t | 1 | { |
| 2 | "authors": [ | ||||
| 3 | "S3cN3tSys" | ||||
| 4 | ], | ||||
| 5 | "label": "CIS Controls v8 safeguards", | ||||
| 6 | "language": "EN", | ||||
| 7 | "refs": [ | ||||
| 8 | "https://www.cisecurity.org/controls/v8/" | ||||
| 9 | ], | ||||
| 10 | "uuid": "e104cdf4-2fff-4989-9636-c16ddd8b2a78", | ||||
| 11 | "values": [ | ||||
| 12 | { | ||||
| 13 | "code": "1.1-Devices-Identify-IG1", | ||||
| 14 | "description": "Inventory and control of enterprise assets-Establish and maintain detailed enterprise asset inventory", | ||||
| 15 | "importance": 0, | ||||
| 16 | "uuid": "bddbfd9a-bd01-4818-9b0f-59b876243c90" | ||||
| 17 | }, | ||||
| 18 | { | ||||
| 19 | "code": "1.2-Devices-Respond-IG1", | ||||
| 20 | "description": "Inventory and control of enterprise assets-Address unauthorized assets", | ||||
| 21 | "importance": 0, | ||||
| 22 | "uuid": "df7b8cf0-93ef-49ce-bb41-3ae405ed0953" | ||||
| 23 | }, | ||||
| 24 | { | ||||
| 25 | "code": "1.3-Devices-Detect-IG2", | ||||
| 26 | "description": "Inventory and control of enterprise assets-Utilize an active discovery tool", | ||||
| 27 | "importance": 0, | ||||
| 28 | "uuid": "0a290b75-f9a0-4103-a5ee-95900765c420" | ||||
| 29 | }, | ||||
| 30 | { | ||||
| 31 | "code": "1.4-Devices-Identify-IG2", | ||||
| 32 | "description": "Inventory and control of enterprise assets-Use dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory", | ||||
| 33 | "importance": 0, | ||||
| 34 | "uuid": "b511f821-a439-4591-b3ae-018e4669ecd2" | ||||
| 35 | }, | ||||
| 36 | { | ||||
| 37 | "code": "1.5-Devices-Detect-IG3", | ||||
| 38 | "description": "Inventory and control of enterprise assets-Use a passive asset discovery tool", | ||||
| 39 | "importance": 0, | ||||
| 40 | "uuid": "e087cb99-8458-46e9-a685-d8b9c1d90309" | ||||
| 41 | }, | ||||
| 42 | { | ||||
| 43 | "code": "10.1-Devices-Protect-IG1", | ||||
| 44 | "description": "Malware defenses-Deploy and maintain anti-malware software", | ||||
| 45 | "importance": 0, | ||||
| 46 | "uuid": "3dc09e1e-964f-465d-81b3-e7bee3dc4fc2" | ||||
| 47 | }, | ||||
| 48 | { | ||||
| 49 | "code": "10.2-Devices-Protect-IG1", | ||||
| 50 | "description": "Malware defenses-Configure automatic anti-malware signature updates", | ||||
| 51 | "importance": 0, | ||||
| 52 | "uuid": "d6c49f98-6204-42e6-a1f4-f0f7206e2485" | ||||
| 53 | }, | ||||
| 54 | { | ||||
| 55 | "code": "10.3-Devices-Protect-IG1", | ||||
| 56 | "description": "Malware defenses-Disable autorun and autoplay for removable media", | ||||
| 57 | "importance": 0, | ||||
| 58 | "uuid": "d25cd6be-da2a-4262-9949-168cdd555c36" | ||||
| 59 | }, | ||||
| 60 | { | ||||
| 61 | "code": "10.4-Devices-Detect-IG2", | ||||
| 62 | "description": "Malware defenses-Configure automatic anti-malware scanning of removable media", | ||||
| 63 | "importance": 0, | ||||
| 64 | "uuid": "0f85c704-796b-4620-ab3b-307d870cf02e" | ||||
| 65 | }, | ||||
| 66 | { | ||||
| 67 | "code": "10.5-Devices-Protect-IG2", | ||||
| 68 | "description": "Malware defenses-Enable anti-exploitation features", | ||||
| 69 | "importance": 0, | ||||
| 70 | "uuid": "71bcef8a-b0f9-4a9d-8736-7106eed100aa" | ||||
| 71 | }, | ||||
| 72 | { | ||||
| 73 | "code": "10.6-Devices-Protect-IG2", | ||||
| 74 | "description": "Malware defenses-Centrally manage anti-malware software", | ||||
| 75 | "importance": 0, | ||||
| 76 | "uuid": "992326df-4230-4411-8369-271031da8fd3" | ||||
| 77 | }, | ||||
| 78 | { | ||||
| 79 | "code": "10.7-Devices-Detect-IG2", | ||||
| 80 | "description": "Malware defenses-Use behavior-based anti-malware software", | ||||
| 81 | "importance": 0, | ||||
| 82 | "uuid": "5ff9342c-ef4b-4a94-846b-116449b816cc" | ||||
| 83 | }, | ||||
| 84 | { | ||||
| 85 | "code": "11.1-Data-Recover-IG1", | ||||
| 86 | "description": "Data recovery-Establish and maintain a data recovery process", | ||||
| 87 | "importance": 0, | ||||
| 88 | "uuid": "a13ea0ef-ffb0-40b1-ad2a-12575023abc3" | ||||
| 89 | }, | ||||
| 90 | { | ||||
| 91 | "code": "11.2-Data-Recover-IG1", | ||||
| 92 | "description": "Data recovery-Perform automated backups", | ||||
| 93 | "importance": 0, | ||||
| 94 | "uuid": "5d962f76-f06c-4ac8-8719-1e076bc045fa" | ||||
| 95 | }, | ||||
| 96 | { | ||||
| 97 | "code": "11.3-Data-Protect-IG1", | ||||
| 98 | "description": "Data recovery-Protect recovery data", | ||||
| 99 | "importance": 0, | ||||
| 100 | "uuid": "8f1aea43-f84d-42f8-963b-f022bc26e0f0" | ||||
| 101 | }, | ||||
| 102 | { | ||||
| 103 | "code": "11.4-Data-Recover-IG1", | ||||
| 104 | "description": "Data recovery-Establish and maintain an isolated instance of recovery data", | ||||
| 105 | "importance": 0, | ||||
| 106 | "uuid": "1856b595-3895-4dff-9ceb-558abec393f2" | ||||
| 107 | }, | ||||
| 108 | { | ||||
| 109 | "code": "11.5-Data-Recover-IG2", | ||||
| 110 | "description": "Data recovery-Test data recovery", | ||||
| 111 | "importance": 0, | ||||
| 112 | "uuid": "d54a8077-661a-4aaa-b90e-f61e23764513" | ||||
| 113 | }, | ||||
| 114 | { | ||||
| 115 | "code": "12.1-Network-Protect-IG1", | ||||
| 116 | "description": "Network infrastructure management-Ensure network infrastructure is up-to-date", | ||||
| 117 | "importance": 0, | ||||
| 118 | "uuid": "6f3c9210-54be-4aef-a326-c46389d34e5a" | ||||
| 119 | }, | ||||
| 120 | { | ||||
| 121 | "code": "12.2-Network-Protect-IG2", | ||||
| 122 | "description": "Network infrastructure management-Establish and maintain a secure network architecture", | ||||
| 123 | "importance": 0, | ||||
| 124 | "uuid": "3b941a78-f75b-4b7d-9565-c3840af19471" | ||||
| 125 | }, | ||||
| 126 | { | ||||
| 127 | "code": "12.3-Network-Protect-IG2", | ||||
| 128 | "description": "Network infrastructure management-Securely manage network infrastructure", | ||||
| 129 | "importance": 0, | ||||
| 130 | "uuid": "b3a03b9b-5f74-4a5b-9043-8662221dcde5" | ||||
| 131 | }, | ||||
| 132 | { | ||||
| 133 | "code": "12.4-Network-Identify-IG2", | ||||
| 134 | "description": "Network infrastructure management-Establish and maintain architecture diagram(s)", | ||||
| 135 | "importance": 0, | ||||
| 136 | "uuid": "d6bb7326-163d-4c9d-a94c-f910a345cc55" | ||||
| 137 | }, | ||||
| 138 | { | ||||
| 139 | "code": "12.5-Network-Protect-IG2", | ||||
| 140 | "description": "Network infrastructure management-Centralize network authentication; authorization; and auditing (AAA)", | ||||
| 141 | "importance": 0, | ||||
| 142 | "uuid": "bb69f5e6-5745-4a70-b863-248ba2a6fae2" | ||||
| 143 | }, | ||||
| 144 | { | ||||
| 145 | "code": "12.6-Network-Protect-IG2", | ||||
| 146 | "description": "Network infrastructure management-Use of secure network management and communication protocols", | ||||
| 147 | "importance": 0, | ||||
| 148 | "uuid": "ad65c163-116b-4ff9-afc1-d2986362958c" | ||||
| 149 | }, | ||||
| 150 | { | ||||
| 151 | "code": "12.7-Devices-Protect-IG2", | ||||
| 152 | "description": "Network infrastructure management-Ensure remote devices utilize a vpn and are connecting to an enterprises aaa infrastructure", | ||||
| 153 | "importance": 0, | ||||
| 154 | "uuid": "10779a71-e1a5-40bc-8035-65c1e879b3fb" | ||||
| 155 | }, | ||||
| 156 | { | ||||
| 157 | "code": "12.8-Devices-Protect-IG3", | ||||
| 158 | "description": "Network infrastructure management-Establish and maintain dedicated computing resources for all administrative work", | ||||
| 159 | "importance": 0, | ||||
| 160 | "uuid": "6b2e129e-7212-418f-b73e-98ece0f5495a" | ||||
| 161 | }, | ||||
| 162 | { | ||||
| 163 | "code": "13.1-Network-Detect-IG2", | ||||
| 164 | "description": "Network monitoring and defense-Centralize security event alerting", | ||||
| 165 | "importance": 0, | ||||
| 166 | "uuid": "67f9d216-3a19-41fe-9867-3ad72e46a8e4" | ||||
| 167 | }, | ||||
| 168 | { | ||||
| 169 | "code": "13.1-Network-Protect-IG2", | ||||
| 170 | "description": "Network monitoring and defense-Perform application layer filtering", | ||||
| 171 | "importance": 0, | ||||
| 172 | "uuid": "7ceb6e84-5b91-4768-bac2-f5f378b17d39" | ||||
| 173 | }, | ||||
| 174 | { | ||||
| 175 | "code": "13.11-Network-Detect-IG3", | ||||
| 176 | "description": "Network monitoring and defense-Tune security event alerting thresholds", | ||||
| 177 | "importance": 0, | ||||
| 178 | "uuid": "c36588b7-3795-4d29-aeb1-cad9779e071e" | ||||
| 179 | }, | ||||
| 180 | { | ||||
| 181 | "code": "13.2-Devices-Detect-IG2", | ||||
| 182 | "description": "Network monitoring and defense-Deploy a host-based intrusion detection solution", | ||||
| 183 | "importance": 0, | ||||
| 184 | "uuid": "8b0e9aa6-563d-4932-b84e-42f7f5fa4b66" | ||||
| 185 | }, | ||||
| 186 | { | ||||
| 187 | "code": "13.3-Network-Detect-IG2", | ||||
| 188 | "description": "Network monitoring and defense-Deploy a network intrusion detection solution", | ||||
| 189 | "importance": 0, | ||||
| 190 | "uuid": "8ad4ac5f-27d8-4088-8fdf-428dbca182ef" | ||||
| 191 | }, | ||||
| 192 | { | ||||
| 193 | "code": "13.4-Network-Protect-IG2", | ||||
| 194 | "description": "Network monitoring and defense-Perform traffic filtering between network segments", | ||||
| 195 | "importance": 0, | ||||
| 196 | "uuid": "926bbf48-ac93-47b4-9c88-e18f3d2e0dd5" | ||||
| 197 | }, | ||||
| 198 | { | ||||
| 199 | "code": "13.5-Devices-Protect-IG2", | ||||
| 200 | "description": "Network monitoring and defense-Manage access control for remote assets", | ||||
| 201 | "importance": 0, | ||||
| 202 | "uuid": "077f28d8-ad9f-429d-96dc-31f91b7daf3c" | ||||
| 203 | }, | ||||
| 204 | { | ||||
| 205 | "code": "13.6-Network-Detect-IG2", | ||||
| 206 | "description": "Network monitoring and defense-Collect network traffic flow logs ", | ||||
| 207 | "importance": 0, | ||||
| 208 | "uuid": "db99bd9e-2b52-4513-9385-7ccb7fec8325" | ||||
| 209 | }, | ||||
| 210 | { | ||||
| 211 | "code": "13.7-Devices-Protect-IG3", | ||||
| 212 | "description": "Network monitoring and defense-Deploy a host-based intrusion prevention solution", | ||||
| 213 | "importance": 0, | ||||
| 214 | "uuid": "8fc8c868-4a72-4a49-af62-01b0b7931475" | ||||
| 215 | }, | ||||
| 216 | { | ||||
| 217 | "code": "13.8-Network-Protect-IG3", | ||||
| 218 | "description": "Network monitoring and defense-Deploy a network intrusion prevention solution", | ||||
| 219 | "importance": 0, | ||||
| 220 | "uuid": "ed739bd6-2fce-416c-a24a-9a85d0a205d0" | ||||
| 221 | }, | ||||
| 222 | { | ||||
| 223 | "code": "13.9-Devices-Protect-IG3", | ||||
| 224 | "description": "Network monitoring and defense-Deploy port-level access control", | ||||
| 225 | "importance": 0, | ||||
| 226 | "uuid": "d97e7de7-32d7-45bd-a149-c60c68b205a1" | ||||
| 227 | }, | ||||
| 228 | { | ||||
| 229 | "code": "14.1-N/A-Protect", | ||||
| 230 | "description": "Security awareness and skills training-Establish and maintain a security awareness program", | ||||
| 231 | "importance": 0, | ||||
| 232 | "uuid": "242c4eef-df6b-4111-b443-c748405d7612" | ||||
| 233 | }, | ||||
| 234 | { | ||||
| 235 | "code": "14.2-N/A-Protect", | ||||
| 236 | "description": "Security awareness and skills training-Train workforce members to recognize social engineering attacks", | ||||
| 237 | "importance": 0, | ||||
| 238 | "uuid": "f9f5f9e1-2909-467a-995f-6aa98e5d5c64" | ||||
| 239 | }, | ||||
| 240 | { | ||||
| 241 | "code": "14.3-N/A-Protect", | ||||
| 242 | "description": "Security awareness and skills training-Train workforce members on authentication best practices", | ||||
| 243 | "importance": 0, | ||||
| 244 | "uuid": "7c0e7f6a-7e63-4837-b1af-64fc4a33094e" | ||||
| 245 | }, | ||||
| 246 | { | ||||
| 247 | "code": "14.4-N/A-Protect", | ||||
| 248 | "description": "Security awareness and skills training-Train workforce on data handling best practices", | ||||
| 249 | "importance": 0, | ||||
| 250 | "uuid": "4d0e4320-e854-4787-ac37-d9781582481b" | ||||
| 251 | }, | ||||
| 252 | { | ||||
| 253 | "code": "14.5-N/A-Protect", | ||||
| 254 | "description": "Security awareness and skills training-Train workforce members on causes of unintentional data exposure", | ||||
| 255 | "importance": 0, | ||||
| 256 | "uuid": "f6d1f4bf-74ff-4075-ba11-e143a0606193" | ||||
| 257 | }, | ||||
| 258 | { | ||||
| 259 | "code": "14.6-N/A-Protect", | ||||
| 260 | "description": "Security awareness and skills training-Train workforce members on recognizing and reporting security incidents", | ||||
| 261 | "importance": 0, | ||||
| 262 | "uuid": "41304900-8386-4462-b6e5-ab24aed576fd" | ||||
| 263 | }, | ||||
| 264 | { | ||||
| 265 | "code": "14.7-N/A-Protect", | ||||
| 266 | "description": "Security awareness and skills training-Train workforce on how to identify and report if their enterprise assets are missing security updates", | ||||
| 267 | "importance": 0, | ||||
| 268 | "uuid": "6a408e9a-eddf-4500-a06c-77fd5e40ceac" | ||||
| 269 | }, | ||||
| 270 | { | ||||
| 271 | "code": "14.8-N/A-Protect", | ||||
| 272 | "description": "Security awareness and skills training-Train workforce on the dangers of connecting to and transmitting enterprise data over insecure networks", | ||||
| 273 | "importance": 0, | ||||
| 274 | "uuid": "675cfd37-7f0e-428d-9897-17e599b359e2" | ||||
| 275 | }, | ||||
| 276 | { | ||||
| 277 | "code": "14.9-N/A-Protect", | ||||
| 278 | "description": "Security awareness and skills training-Conduct role-specific security awareness and skills training", | ||||
| 279 | "importance": 0, | ||||
| 280 | "uuid": "635b5ea6-fac3-4ce0-a2a5-c52d45e45567" | ||||
| 281 | }, | ||||
| 282 | { | ||||
| 283 | "code": "15.1-N/A-Identify", | ||||
| 284 | "description": "Service provider management-Establish and maintain an inventory of service providers", | ||||
| 285 | "importance": 0, | ||||
| 286 | "uuid": "9a93ac72-5e01-40c8-aa59-15ce818dfc9e" | ||||
| 287 | }, | ||||
| 288 | { | ||||
| 289 | "code": "15.2-N/A-Identify", | ||||
| 290 | "description": "Service provider management-Establish and maintain a service provider management policy", | ||||
| 291 | "importance": 0, | ||||
| 292 | "uuid": "3cc0492c-aef0-43e8-a204-518c85e16bfb" | ||||
| 293 | }, | ||||
| 294 | { | ||||
| 295 | "code": "15.3-N/A-Identify", | ||||
| 296 | "description": "Service provider management-Classify service providers", | ||||
| 297 | "importance": 0, | ||||
| 298 | "uuid": "4679c841-a248-4acd-9546-4c0b296667b3" | ||||
| 299 | }, | ||||
| 300 | { | ||||
| 301 | "code": "15.4-N/A-Protect", | ||||
| 302 | "description": "Service provider management-Ensure service provider contracts include security requirements", | ||||
| 303 | "importance": 0, | ||||
| 304 | "uuid": "c5899967-df04-4c30-88f2-9a5063fa9fc0" | ||||
| 305 | }, | ||||
| 306 | { | ||||
| 307 | "code": "15.5-N/A-Identify", | ||||
| 308 | "description": "Service provider management-Assess service providers", | ||||
| 309 | "importance": 0, | ||||
| 310 | "uuid": "306e2298-b1b3-403f-8bb0-0ace52e2ada2" | ||||
| 311 | }, | ||||
| 312 | { | ||||
| 313 | "code": "15.6-Data-Detect-IG3", | ||||
| 314 | "description": "Service provider management-Monitor service providers", | ||||
| 315 | "importance": 0, | ||||
| 316 | "uuid": "2401973b-c535-4e04-b7b6-2e5411b41a84" | ||||
| 317 | }, | ||||
| 318 | { | ||||
| 319 | "code": "15.7-Data-Protect-IG3", | ||||
| 320 | "description": "Service provider management-Securely decommission service providers", | ||||
| 321 | "importance": 0, | ||||
| 322 | "uuid": "d11c9f97-a848-4c18-9153-e0ca31f2dd3c" | ||||
| 323 | }, | ||||
| 324 | { | ||||
| 325 | "code": "16.1-Applications-Protect-IG2", | ||||
| 326 | "description": "Application software security-Establish and maintain a secure application developmentprocess", | ||||
| 327 | "importance": 0, | ||||
| 328 | "uuid": "db784c45-c0b9-43bd-8643-e43fdbb4c437" | ||||
| 329 | }, | ||||
| 330 | { | ||||
| 331 | "code": "16.10-Applications-Protect-IG2", | ||||
| 332 | "description": "Application software security-Apply secure design principles in application architectures", | ||||
| 333 | "importance": 0, | ||||
| 334 | "uuid": "d93d03cd-205d-4ac6-b1a1-ccd278a8061d" | ||||
| 335 | }, | ||||
| 336 | { | ||||
| 337 | "code": "16.11-Applications-Protect-IG2", | ||||
| 338 | "description": "Application software security-Leverage vetted modules or services for application security components", | ||||
| 339 | "importance": 0, | ||||
| 340 | "uuid": "811f7d98-b355-48bf-bb99-d760dfbdcfc6" | ||||
| 341 | }, | ||||
| 342 | { | ||||
| 343 | "code": "16.12-Applications-Protect-IG3", | ||||
| 344 | "description": "Application software security-Implement code-level security checks", | ||||
| 345 | "importance": 0, | ||||
| 346 | "uuid": "17376129-173e-4ca8-8f7c-033b70fb2001" | ||||
| 347 | }, | ||||
| 348 | { | ||||
| 349 | "code": "16.13-Applications-Protect-IG3", | ||||
| 350 | "description": "Application software security-Conduct application penetration testing", | ||||
| 351 | "importance": 0, | ||||
| 352 | "uuid": "53c61b03-34bf-41b7-9739-7be444b7467f" | ||||
| 353 | }, | ||||
| 354 | { | ||||
| 355 | "code": "16.14-Applications-Protect-IG3", | ||||
| 356 | "description": "Application software security-Conduct threat modeling", | ||||
| 357 | "importance": 0, | ||||
| 358 | "uuid": "113cd8a0-199c-4af4-9fb9-9d039513d08f" | ||||
| 359 | }, | ||||
| 360 | { | ||||
| 361 | "code": "16.2-Applications-Protect-IG2", | ||||
| 362 | "description": "Application software security-Establish and maintain a process to accept and address software vulnerabilities", | ||||
| 363 | "importance": 0, | ||||
| 364 | "uuid": "074c5418-aae7-41df-854e-909ccb91d469" | ||||
| 365 | }, | ||||
| 366 | { | ||||
| 367 | "code": "16.3-Applications-Protect-IG2", | ||||
| 368 | "description": "Application software security-Perform root cause analysis on security vulnerabilities", | ||||
| 369 | "importance": 0, | ||||
| 370 | "uuid": "59ef8b71-f972-47dc-be03-0f8b25dfbe80" | ||||
| 371 | }, | ||||
| 372 | { | ||||
| 373 | "code": "16.4-Applications-Protect-IG2", | ||||
| 374 | "description": "Application software security-Establish and manage an inventory of third-party software components", | ||||
| 375 | "importance": 0, | ||||
| 376 | "uuid": "10df85b2-f5e4-48ec-8ff6-ea9e33bd7a3d" | ||||
| 377 | }, | ||||
| 378 | { | ||||
| 379 | "code": "16.5-Applications-Protect-IG2", | ||||
| 380 | "description": "Application software security-Use up-to-date and trusted third-party software components", | ||||
| 381 | "importance": 0, | ||||
| 382 | "uuid": "5cb4fd72-aefd-4d91-a551-85ab75b0fa95" | ||||
| 383 | }, | ||||
| 384 | { | ||||
| 385 | "code": "16.6-Applications-Protect-IG2", | ||||
| 386 | "description": "Application software security-Establish and maintain a severity rating system and process for application vulnerabilities", | ||||
| 387 | "importance": 0, | ||||
| 388 | "uuid": "40780741-bf90-49d0-8cae-8b79b9c67688" | ||||
| 389 | }, | ||||
| 390 | { | ||||
| 391 | "code": "16.7-Applications-Protect-IG2", | ||||
| 392 | "description": "Application software security-Use standard hardening configuration templates for application infrastructure", | ||||
| 393 | "importance": 0, | ||||
| 394 | "uuid": "08765a85-badb-4064-afd2-0a5f44191c09" | ||||
| 395 | }, | ||||
| 396 | { | ||||
| 397 | "code": "16.8-Applications-Protect-IG2", | ||||
| 398 | "description": "Application software security-Separate production and non-production systems", | ||||
| 399 | "importance": 0, | ||||
| 400 | "uuid": "93648fa0-22f5-48db-902b-ea183636ee60" | ||||
| 401 | }, | ||||
| 402 | { | ||||
| 403 | "code": "16.9-Applications-Protect-IG2", | ||||
| 404 | "description": "Application software security-Train developers in application security concepts and secure coding", | ||||
| 405 | "importance": 0, | ||||
| 406 | "uuid": "cf064702-2b50-4584-ad85-b0906fc2cd41" | ||||
| 407 | }, | ||||
| 408 | { | ||||
| 409 | "code": "17.1-N/A-Respond", | ||||
| 410 | "description": "Incident response management-Designate personnel to manage incident handling", | ||||
| 411 | "importance": 0, | ||||
| 412 | "uuid": "21ef0712-1c11-41ee-8779-1df154ba60c0" | ||||
| 413 | }, | ||||
| 414 | { | ||||
| 415 | "code": "17.2-N/A-Respond", | ||||
| 416 | "description": "Incident response management-Establish and maintain contact information for reporting security incidents", | ||||
| 417 | "importance": 0, | ||||
| 418 | "uuid": "63e7f08e-97f8-4158-bda4-236b90c1e3bc" | ||||
| 419 | }, | ||||
| 420 | { | ||||
| 421 | "code": "17.3-N/A-Respond", | ||||
| 422 | "description": "Incident response management-Establish and maintain an enterprise process for reporting incidents", | ||||
| 423 | "importance": 0, | ||||
| 424 | "uuid": "803cce36-fdf0-40c6-b307-f599d1d2dd7b" | ||||
| 425 | }, | ||||
| 426 | { | ||||
| 427 | "code": "17.4-N/A-Respond", | ||||
| 428 | "description": "Incident response management-Establish and maintain an incident response process", | ||||
| 429 | "importance": 0, | ||||
| 430 | "uuid": "28a2bd0e-963a-4136-a2ca-97aaeb464730" | ||||
| 431 | }, | ||||
| 432 | { | ||||
| 433 | "code": "17.5-N/A-Respond", | ||||
| 434 | "description": "Incident response management-Assign key roles and responsibilities", | ||||
| 435 | "importance": 0, | ||||
| 436 | "uuid": "5ffc1ef8-c708-437d-92ed-47a4c009c707" | ||||
| 437 | }, | ||||
| 438 | { | ||||
| 439 | "code": "17.6-N/A-Respond", | ||||
| 440 | "description": "Incident response management-Define mechanisms for communicating during incident response", | ||||
| 441 | "importance": 0, | ||||
| 442 | "uuid": "705f68b7-b2e7-4fc1-8fc2-6f5ca2c907fb" | ||||
| 443 | }, | ||||
| 444 | { | ||||
| 445 | "code": "17.7-N/A-Recover", | ||||
| 446 | "description": "Incident response management-Conduct routine incident response exercises", | ||||
| 447 | "importance": 0, | ||||
| 448 | "uuid": "c4cd4c54-ef9b-4772-b38a-637beb606327" | ||||
| 449 | }, | ||||
| 450 | { | ||||
| 451 | "code": "17.8-N/A-Recover", | ||||
| 452 | "description": "Incident response management-Conduct post-incident reviews", | ||||
| 453 | "importance": 0, | ||||
| 454 | "uuid": "eb3a14e8-43c9-4a37-af9d-210413259eb3" | ||||
| 455 | }, | ||||
| 456 | { | ||||
| 457 | "code": "17.9-N/A-Recover", | ||||
| 458 | "description": "Incident response management-Establish and maintain security incident thresholds", | ||||
| 459 | "importance": 0, | ||||
| 460 | "uuid": "e3484c4b-6fdf-48a8-ba77-91f4f2385daa" | ||||
| 461 | }, | ||||
| 462 | { | ||||
| 463 | "code": "18.1-N/A-Identify", | ||||
| 464 | "description": "Penetration testing-Establish and maintain a penetration testing program", | ||||
| 465 | "importance": 0, | ||||
| 466 | "uuid": "52057c66-fefe-40b9-a176-3eec10c0ab06" | ||||
| 467 | }, | ||||
| 468 | { | ||||
| 469 | "code": "18.2-Network-Identify-IG2", | ||||
| 470 | "description": "Penetration testing-Perform periodic external penetration tests", | ||||
| 471 | "importance": 0, | ||||
| 472 | "uuid": "d39d0f22-cdbb-4577-9285-1de2a6f7036b" | ||||
| 473 | }, | ||||
| 474 | { | ||||
| 475 | "code": "18.3-Network-Protect-IG2-IG1", | ||||
| 476 | "description": "Penetration testing-Remediate penetration test findings", | ||||
| 477 | "importance": 0, | ||||
| 478 | "uuid": "c0d370ca-5c25-4c22-becc-79516a026298" | ||||
| 479 | }, | ||||
| 480 | { | ||||
| 481 | "code": "18.4-Network-Protect-IG3-IG2", | ||||
| 482 | "description": "Penetration testing-Validate security measures", | ||||
| 483 | "importance": 0, | ||||
| 484 | "uuid": "3eee979d-2e78-4b4f-aaa1-701a1eb81bd3" | ||||
| 485 | }, | ||||
| 486 | { | ||||
| 487 | "code": "18.5-N/A-Identify", | ||||
| 488 | "description": "Penetration testing-Perform periodic internal penetration tests", | ||||
| 489 | "importance": 0, | ||||
| 490 | "uuid": "8bf03dd7-9b05-4d90-9e78-b8745eb163fa" | ||||
| 491 | }, | ||||
| 492 | { | ||||
| 493 | "code": "2.1-Applications-Identify-IG1", | ||||
| 494 | "description": "Inventory and control of software assets-Establish and maintain a software inventory", | ||||
| 495 | "importance": 0, | ||||
| 496 | "uuid": "cb300188-2a2a-47aa-a5d1-89292844d692" | ||||
| 497 | }, | ||||
| 498 | { | ||||
| 499 | "code": "2.2-Applications-Identify-IG1", | ||||
| 500 | "description": "Inventory and control of software assets-Ensure authorized software is currently supported ", | ||||
| 501 | "importance": 0, | ||||
| 502 | "uuid": "5b7c6e6c-a603-4c92-9721-a8a24177cbaa" | ||||
| 503 | }, | ||||
| 504 | { | ||||
| 505 | "code": "2.3-Applications-Respond-IG1", | ||||
| 506 | "description": "Inventory and control of software assets-Address unauthorized software", | ||||
| 507 | "importance": 0, | ||||
| 508 | "uuid": "93befead-5a8f-4df7-91a2-b23e3f922f48" | ||||
| 509 | }, | ||||
| 510 | { | ||||
| 511 | "code": "2.4-Applications-Detect-IG2", | ||||
| 512 | "description": "Inventory and control of software assets-Utilize automated software inventory tools", | ||||
| 513 | "importance": 0, | ||||
| 514 | "uuid": "155fea9b-0ca0-4c3a-9414-91928f7af662" | ||||
| 515 | }, | ||||
| 516 | { | ||||
| 517 | "code": "2.5-Applications-Protect-IG2", | ||||
| 518 | "description": "Inventory and control of software assets-Allowlist authorized software", | ||||
| 519 | "importance": 0, | ||||
| 520 | "uuid": "b6772c6b-9654-4467-a149-696f82947075" | ||||
| 521 | }, | ||||
| 522 | { | ||||
| 523 | "code": "2.6-Applications-Protect-IG2", | ||||
| 524 | "description": "Inventory and control of software assets-Allowlist authorized libraries", | ||||
| 525 | "importance": 0, | ||||
| 526 | "uuid": "4a7cc9ba-ae68-41c7-8a96-f4ebbe452acf" | ||||
| 527 | }, | ||||
| 528 | { | ||||
| 529 | "code": "2.7-Applications-Protect-IG3", | ||||
| 530 | "description": "Inventory and control of software assets-Allowlist authorized scripts", | ||||
| 531 | "importance": 0, | ||||
| 532 | "uuid": "26e285a6-3197-413d-9599-fd466286b958" | ||||
| 533 | }, | ||||
| 534 | { | ||||
| 535 | "code": "3.1-Data-Identify-IG1", | ||||
| 536 | "description": "Data protection-Establish and maintain a data management process", | ||||
| 537 | "importance": 0, | ||||
| 538 | "uuid": "514fbadc-c751-4852-9fd6-8351b6054f8d" | ||||
| 539 | }, | ||||
| 540 | { | ||||
| 541 | "code": "3.1-Data-Protect-IG1", | ||||
| 542 | "description": "Data protection-Encrypt sensitive data in transit", | ||||
| 543 | "importance": 0, | ||||
| 544 | "uuid": "a243b1de-67d6-463a-9fa8-c424beda6250" | ||||
| 545 | }, | ||||
| 546 | { | ||||
| 547 | "code": "3.11-Data-Protect-IG2", | ||||
| 548 | "description": "Data protection-Encrypt sensitive data at rest", | ||||
| 549 | "importance": 0, | ||||
| 550 | "uuid": "da4089a1-4a1e-46c2-aeef-8f502b37ade2" | ||||
| 551 | }, | ||||
| 552 | { | ||||
| 553 | "code": "3.12-Network-Protect-IG2", | ||||
| 554 | "description": "Data protection-Segment data processing and storage based on sensitivity", | ||||
| 555 | "importance": 0, | ||||
| 556 | "uuid": "7c72e13e-e088-4e44-9910-c86c3de60d10" | ||||
| 557 | }, | ||||
| 558 | { | ||||
| 559 | "code": "3.13-Data-Protect-IG3", | ||||
| 560 | "description": "Data protection-Deploy a data loss prevention solution", | ||||
| 561 | "importance": 0, | ||||
| 562 | "uuid": "0496fa97-cdcb-4199-bec9-973feb9fe8d2" | ||||
| 563 | }, | ||||
| 564 | { | ||||
| 565 | "code": "3.14-Data-Detect-IG3", | ||||
| 566 | "description": "Data protection-Log sensitive data access", | ||||
| 567 | "importance": 0, | ||||
| 568 | "uuid": "ccf1033b-824a-438d-b12b-a25e3c7d6684" | ||||
| 569 | }, | ||||
| 570 | { | ||||
| 571 | "code": "3.2-Data-Identify-IG1", | ||||
| 572 | "description": "Data protection-Establish and maintain a data inventory", | ||||
| 573 | "importance": 0, | ||||
| 574 | "uuid": "e6452c3e-4246-480d-aa6a-7215203710ad" | ||||
| 575 | }, | ||||
| 576 | { | ||||
| 577 | "code": "3.3-Data-Protect-IG1", | ||||
| 578 | "description": "Data protection-Configure data access control lists", | ||||
| 579 | "importance": 0, | ||||
| 580 | "uuid": "1294ffcd-b674-4643-9991-4e7320390122" | ||||
| 581 | }, | ||||
| 582 | { | ||||
| 583 | "code": "3.4-Data-Protect-IG1", | ||||
| 584 | "description": "Data protection-Enforce data retention", | ||||
| 585 | "importance": 0, | ||||
| 586 | "uuid": "a70a5a30-b5e5-4ea6-acbe-834746a0fed1" | ||||
| 587 | }, | ||||
| 588 | { | ||||
| 589 | "code": "3.5-Data-Protect-IG1", | ||||
| 590 | "description": "Data protection-Securely dispose of data", | ||||
| 591 | "importance": 0, | ||||
| 592 | "uuid": "59984672-7139-45c4-997f-e66feab835a9" | ||||
| 593 | }, | ||||
| 594 | { | ||||
| 595 | "code": "3.6-Devices-Protect-IG1", | ||||
| 596 | "description": "Data protection-Encrypt data on end-user devices", | ||||
| 597 | "importance": 0, | ||||
| 598 | "uuid": "f77bf54d-1cda-4dda-aa3f-cb6629029d8c" | ||||
| 599 | }, | ||||
| 600 | { | ||||
| 601 | "code": "3.7-Data-Identify-IG2", | ||||
| 602 | "description": "Data protection-Establish and maintain a data classification scheme", | ||||
| 603 | "importance": 0, | ||||
| 604 | "uuid": "99eb13c7-2d8d-4d53-8e19-871214d91f39" | ||||
| 605 | }, | ||||
| 606 | { | ||||
| 607 | "code": "3.8-Data-Identify-IG2", | ||||
| 608 | "description": "Data protection-Document data flows", | ||||
| 609 | "importance": 0, | ||||
| 610 | "uuid": "24dc11d3-998b-47ca-b7f4-40310afa3c03" | ||||
| 611 | }, | ||||
| 612 | { | ||||
| 613 | "code": "3.9-Data-Protect-IG2", | ||||
| 614 | "description": "Data protection-Encrypt data on removable media", | ||||
| 615 | "importance": 0, | ||||
| 616 | "uuid": "d796c0d3-8205-4732-a3d1-d7832c8a89d5" | ||||
| 617 | }, | ||||
| 618 | { | ||||
| 619 | "code": "4.1-Applications-Protect-IG1", | ||||
| 620 | "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process", | ||||
| 621 | "importance": 0, | ||||
| 622 | "uuid": "eeb97c09-6a2c-412c-87b1-b39df7fa3630" | ||||
| 623 | }, | ||||
| 624 | { | ||||
| 625 | "code": "4.1-Devices-Respond-IG1", | ||||
| 626 | "description": "Secure configuration of enterprise assets and software-Enforce automatic device lockout on portable end-user devices", | ||||
| 627 | "importance": 0, | ||||
| 628 | "uuid": "a8f19c86-2de7-4f2a-b444-7a35fedbc9d6" | ||||
| 629 | }, | ||||
| 630 | { | ||||
| 631 | "code": "4.11-Devices-Protect-IG2", | ||||
| 632 | "description": "Secure configuration of enterprise assets and software-Enforce remote wipe capability on portable end-user devices", | ||||
| 633 | "importance": 0, | ||||
| 634 | "uuid": "943a0a0e-82e4-4f32-af2c-4bdded48773f" | ||||
| 635 | }, | ||||
| 636 | { | ||||
| 637 | "code": "4.12-Devices-Protect-IG3", | ||||
| 638 | "description": "Secure configuration of enterprise assets and software-Separate enterprise workspaces on mobile end-user devices", | ||||
| 639 | "importance": 0, | ||||
| 640 | "uuid": "bde651cc-d6ef-4e2b-ab5e-4aed6699b2e6" | ||||
| 641 | }, | ||||
| 642 | { | ||||
| 643 | "code": "4.2-Network-Protect-IG1", | ||||
| 644 | "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process for network infrastructure", | ||||
| 645 | "importance": 0, | ||||
| 646 | "uuid": "b9766b93-09d4-4b1b-b848-9c03aaeed19b" | ||||
| 647 | }, | ||||
| 648 | { | ||||
| 649 | "code": "4.3-Users-Protect-IG1", | ||||
| 650 | "description": "Secure configuration of enterprise assets and software-Configure automatic session locking on enterprise assets", | ||||
| 651 | "importance": 0, | ||||
| 652 | "uuid": "7c0f8833-55f5-44a8-b244-b3beb4b28e4d" | ||||
| 653 | }, | ||||
| 654 | { | ||||
| 655 | "code": "4.4-Devices-Protect-IG1", | ||||
| 656 | "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on servers", | ||||
| 657 | "importance": 0, | ||||
| 658 | "uuid": "28c3e828-507b-4b48-b9a5-98cf200725b0" | ||||
| 659 | }, | ||||
| 660 | { | ||||
| 661 | "code": "4.5-Devices-Protect-IG1", | ||||
| 662 | "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on end-user devices", | ||||
| 663 | "importance": 0, | ||||
| 664 | "uuid": "5b35e2e9-d622-43e2-90d5-9378af88feaa" | ||||
| 665 | }, | ||||
| 666 | { | ||||
| 667 | "code": "4.6-Network-Protect-IG1", | ||||
| 668 | "description": "Secure configuration of enterprise assets and software-Securely manage enterprise assets and software", | ||||
| 669 | "importance": 0, | ||||
| 670 | "uuid": "f33e930d-5109-4554-88ce-ea57c3328884" | ||||
| 671 | }, | ||||
| 672 | { | ||||
| 673 | "code": "4.7-Users-Protect-IG1", | ||||
| 674 | "description": "Secure configuration of enterprise assets and software-Manage default accounts on enterprise assets and software", | ||||
| 675 | "importance": 0, | ||||
| 676 | "uuid": "b964543d-bf6e-49c6-87c9-4d585bcb8b16" | ||||
| 677 | }, | ||||
| 678 | { | ||||
| 679 | "code": "4.8-Devices-Protect-IG2", | ||||
| 680 | "description": "Secure configuration of enterprise assets and software-Uninstall or disable unnecessary services on enterprise assets and software", | ||||
| 681 | "importance": 0, | ||||
| 682 | "uuid": "de1d62d8-b9da-48b7-acd9-317999d9a242" | ||||
| 683 | }, | ||||
| 684 | { | ||||
| 685 | "code": "4.9-Devices-Protect-IG2", | ||||
| 686 | "description": "Secure configuration of enterprise assets and software-Configure trusted DNS servers on enterprise assets", | ||||
| 687 | "importance": 0, | ||||
| 688 | "uuid": "a6d7262a-2da6-4228-8032-50ea496ca8d3" | ||||
| 689 | }, | ||||
| 690 | { | ||||
| 691 | "code": "5.1-Users-Identify-IG1", | ||||
| 692 | "description": "Account management-Establish and maintain an inventory of accounts", | ||||
| 693 | "importance": 0, | ||||
| 694 | "uuid": "79c1bac9-8681-497d-ae56-b5d7320fcc4e" | ||||
| 695 | }, | ||||
| 696 | { | ||||
| 697 | "code": "5.2-Users-Protect-IG1", | ||||
| 698 | "description": "Account management-Use unique passwords", | ||||
| 699 | "importance": 0, | ||||
| 700 | "uuid": "198f625b-65ba-4355-9d12-ca6b4ce63e58" | ||||
| 701 | }, | ||||
| 702 | { | ||||
| 703 | "code": "5.3-Users-Respond-IG1", | ||||
| 704 | "description": "Account management-Disable dormant accounts", | ||||
| 705 | "importance": 0, | ||||
| 706 | "uuid": "9f5b502d-96c2-4568-a7e2-9d24eeb54ea7" | ||||
| 707 | }, | ||||
| 708 | { | ||||
| 709 | "code": "5.4-Users-Protect-IG1", | ||||
| 710 | "description": "Account management-Restrict administrator privileges to dedicated administrator accounts", | ||||
| 711 | "importance": 0, | ||||
| 712 | "uuid": "efd5342b-ddff-42b0-b5d9-302ece0948c4" | ||||
| 713 | }, | ||||
| 714 | { | ||||
| 715 | "code": "5.5-Users-Identify-IG2", | ||||
| 716 | "description": "Account management-Establish and maintain an inventory of service accounts", | ||||
| 717 | "importance": 0, | ||||
| 718 | "uuid": "127d4313-783f-4c3c-ba54-565d8b843dd0" | ||||
| 719 | }, | ||||
| 720 | { | ||||
| 721 | "code": "5.6-Users-Protect-IG2", | ||||
| 722 | "description": "Account management-Centralize account management", | ||||
| 723 | "importance": 0, | ||||
| 724 | "uuid": "9a7f9aac-6cc2-4e4e-8470-9d56e8c38cc2" | ||||
| 725 | }, | ||||
| 726 | { | ||||
| 727 | "code": "6.1-Users-Protect-IG1", | ||||
| 728 | "description": "Access control management-Establish an access granting process", | ||||
| 729 | "importance": 0, | ||||
| 730 | "uuid": "a45dddcc-87b5-4b3e-8bfb-5e84b556fb45" | ||||
| 731 | }, | ||||
| 732 | { | ||||
| 733 | "code": "6.2-Users-Protect-IG1", | ||||
| 734 | "description": "Access control management-Establish an access revoking process", | ||||
| 735 | "importance": 0, | ||||
| 736 | "uuid": "e0100354-04eb-4e4c-91b3-180d5ac0914d" | ||||
| 737 | }, | ||||
| 738 | { | ||||
| 739 | "code": "6.3-Users-Protect-IG1", | ||||
| 740 | "description": "Access control management-Require MFA for externally-exposed applications", | ||||
| 741 | "importance": 0, | ||||
| 742 | "uuid": "5df20f59-7c9a-4f73-b93d-06a8d9a6e305" | ||||
| 743 | }, | ||||
| 744 | { | ||||
| 745 | "code": "6.4-Users-Protect-IG1", | ||||
| 746 | "description": "Access control management-Require MFA for remote network access", | ||||
| 747 | "importance": 0, | ||||
| 748 | "uuid": "3952da07-2c10-4bfb-922a-4bf7a3efd8a5" | ||||
| 749 | }, | ||||
| 750 | { | ||||
| 751 | "code": "6.5-Users-Protect-IG1", | ||||
| 752 | "description": "Access control management-Require MFA for administrative access", | ||||
| 753 | "importance": 0, | ||||
| 754 | "uuid": "feb19850-2fdf-4e3b-b585-1306ec5a6e3e" | ||||
| 755 | }, | ||||
| 756 | { | ||||
| 757 | "code": "6.6-Users-Identify-IG2", | ||||
| 758 | "description": "Access control management-Establish and maintain an inventory of authentication and authorization systems", | ||||
| 759 | "importance": 0, | ||||
| 760 | "uuid": "3fcea4a8-7455-4108-9519-d96201946178" | ||||
| 761 | }, | ||||
| 762 | { | ||||
| 763 | "code": "6.7-Users-Protect-IG2", | ||||
| 764 | "description": "Access control management-Centralize access control", | ||||
| 765 | "importance": 0, | ||||
| 766 | "uuid": "5d4e75d0-b4a9-407e-97fd-531679846792" | ||||
| 767 | }, | ||||
| 768 | { | ||||
| 769 | "code": "6.8-Data-Protect-IG3", | ||||
| 770 | "description": "Access control management-Define and maintain role-based access control (RBAC)", | ||||
| 771 | "importance": 0, | ||||
| 772 | "uuid": "bb855630-0b87-4f53-a47a-3ca2dab1b031" | ||||
| 773 | }, | ||||
| 774 | { | ||||
| 775 | "code": "7.1-Applications-Protect-IG1", | ||||
| 776 | "description": "Continuous vulnerability management-Establish and maintain a vulnerability management process", | ||||
| 777 | "importance": 0, | ||||
| 778 | "uuid": "7aa13de2-dc5f-439b-978c-b5560f996618" | ||||
| 779 | }, | ||||
| 780 | { | ||||
| 781 | "code": "7.2-Applications-Respond-IG1", | ||||
| 782 | "description": "Continuous vulnerability management-Establish and maintain a remediation process", | ||||
| 783 | "importance": 0, | ||||
| 784 | "uuid": "e7ebffb5-60c8-424a-bee1-a3381548fee4" | ||||
| 785 | }, | ||||
| 786 | { | ||||
| 787 | "code": "7.3-Applications-Protect-IG1", | ||||
| 788 | "description": "Continuous vulnerability management-Perform automated operating system patch management", | ||||
| 789 | "importance": 0, | ||||
| 790 | "uuid": "696a813c-bcfd-4232-a5e7-203f15abd40e" | ||||
| 791 | }, | ||||
| 792 | { | ||||
| 793 | "code": "7.4-Applications-Protect-IG1", | ||||
| 794 | "description": "Continuous vulnerability management-Perform automated application patch management", | ||||
| 795 | "importance": 0, | ||||
| 796 | "uuid": "dae71e2c-d17e-43fb-8c0a-08833ffd4c4c" | ||||
| 797 | }, | ||||
| 798 | { | ||||
| 799 | "code": "7.5-Applications-Identify-IG2", | ||||
| 800 | "description": "Continuous vulnerability management-Perform automated vulnerability scans of internal enterprise assets", | ||||
| 801 | "importance": 0, | ||||
| 802 | "uuid": "4bd271b1-7cb9-487c-aa33-9e9a58333539" | ||||
| 803 | }, | ||||
| 804 | { | ||||
| 805 | "code": "7.6-Applications-Identify-IG2", | ||||
| 806 | "description": "Continuous vulnerability management-Perform automated vulnerability scans of externally-exposed enterprise assets", | ||||
| 807 | "importance": 0, | ||||
| 808 | "uuid": "7cfd1b0c-94a2-4758-b560-22559d6ab0aa" | ||||
| 809 | }, | ||||
| 810 | { | ||||
| 811 | "code": "7.7-Applications-Respond-IG2", | ||||
| 812 | "description": "Continuous vulnerability management-Remediate detected vulnerabilities", | ||||
| 813 | "importance": 0, | ||||
| 814 | "uuid": "1b2a0f89-eff4-45f6-a4d2-1162b4f9833d" | ||||
| 815 | }, | ||||
| 816 | { | ||||
| 817 | "code": "8.1-Network-Protect-IG1", | ||||
| 818 | "description": "Audit log management-Establish and maintain an audit log management process", | ||||
| 819 | "importance": 0, | ||||
| 820 | "uuid": "6587f6b6-8117-4880-9a53-a33d1c45ddac" | ||||
| 821 | }, | ||||
| 822 | { | ||||
| 823 | "code": "8.10-Network-Protect-IG2", | ||||
| 824 | "description": "Audit log management-Retain audit logs", | ||||
| 825 | "importance": 0, | ||||
| 826 | "uuid": "d55223d6-9722-4f41-ae68-cd97baaa3efa" | ||||
| 827 | }, | ||||
| 828 | { | ||||
| 829 | "code": "8.11-Network-Detect-IG2", | ||||
| 830 | "description": "Audit log management-Conduct audit log reviews", | ||||
| 831 | "importance": 0, | ||||
| 832 | "uuid": "51fddb77-d00e-49d5-b6d5-8cc9aeaf28bf" | ||||
| 833 | }, | ||||
| 834 | { | ||||
| 835 | "code": "8.12-Data-Detect-IG3", | ||||
| 836 | "description": "Audit log management-Collect service provider logs", | ||||
| 837 | "importance": 0, | ||||
| 838 | "uuid": "388dda2b-99ed-469b-874f-fb34a8e3da75" | ||||
| 839 | }, | ||||
| 840 | { | ||||
| 841 | "code": "8.2-Network-Detect-IG1", | ||||
| 842 | "description": "Audit log management-Collect audit logs", | ||||
| 843 | "importance": 0, | ||||
| 844 | "uuid": "fc1e36ed-edfd-416d-9aa9-3ffe02870e8c" | ||||
| 845 | }, | ||||
| 846 | { | ||||
| 847 | "code": "8.3-Network-Protect-IG1", | ||||
| 848 | "description": "Audit log management-Ensure adequate audit log storage", | ||||
| 849 | "importance": 0, | ||||
| 850 | "uuid": "b787f52d-d2b2-468b-95dc-c3d45cb558be" | ||||
| 851 | }, | ||||
| 852 | { | ||||
| 853 | "code": "8.4-Network-Protect-IG2", | ||||
| 854 | "description": "Audit log management-Standardize time synchronization", | ||||
| 855 | "importance": 0, | ||||
| 856 | "uuid": "592c3e38-4701-4d48-ae0b-0860d60421e9" | ||||
| 857 | }, | ||||
| 858 | { | ||||
| 859 | "code": "8.5-Network-Detect-IG2", | ||||
| 860 | "description": "Audit log management-Collect detailed audit logs", | ||||
| 861 | "importance": 0, | ||||
| 862 | "uuid": "413b6bf4-baa3-460c-ba86-87d8cae5a7f8" | ||||
| 863 | }, | ||||
| 864 | { | ||||
| 865 | "code": "8.6-Network-Detect-IG2", | ||||
| 866 | "description": "Audit log management-Collect DNS query audit logs", | ||||
| 867 | "importance": 0, | ||||
| 868 | "uuid": "65b355d4-380a-48bb-8816-a6f8664efa5f" | ||||
| 869 | }, | ||||
| 870 | { | ||||
| 871 | "code": "8.7-Network-Detect-IG2", | ||||
| 872 | "description": "Audit log management-Collect URL request audit logs", | ||||
| 873 | "importance": 0, | ||||
| 874 | "uuid": "7872331d-07b1-4f5c-90e3-a6b859e24851" | ||||
| 875 | }, | ||||
| 876 | { | ||||
| 877 | "code": "8.8-Devices-Detect-IG2", | ||||
| 878 | "description": "Audit log management-Collect command-line audit logs", | ||||
| 879 | "importance": 0, | ||||
| 880 | "uuid": "43a1cc08-ce70-41a2-8dd9-7570084128b6" | ||||
| 881 | }, | ||||
| 882 | { | ||||
| 883 | "code": "8.9-Network-Detect-IG2", | ||||
| 884 | "description": "Audit log management-Centralize audit logs", | ||||
| 885 | "importance": 0, | ||||
| 886 | "uuid": "809ac4bb-bea5-49bb-9f52-9763acad34a3" | ||||
| 887 | }, | ||||
| 888 | { | ||||
| 889 | "code": "9.1-Applications-Protect-IG1", | ||||
| 890 | "description": "Email and web browser protections-Ensure use of only fully supported browsers and email clients", | ||||
| 891 | "importance": 0, | ||||
| 892 | "uuid": "3c4d4eaa-adb3-4837-b361-7b7537817172" | ||||
| 893 | }, | ||||
| 894 | { | ||||
| 895 | "code": "9.2-Network-Protect-IG1", | ||||
| 896 | "description": "Email and web browser protections-Use DNS filtering services", | ||||
| 897 | "importance": 0, | ||||
| 898 | "uuid": "934174ab-91fc-4792-bdf7-18c69f3e02fe" | ||||
| 899 | }, | ||||
| 900 | { | ||||
| 901 | "code": "9.3-Network-Protect-IG2", | ||||
| 902 | "description": "Email and web browser protections-Maintain and enforce network-based url filters", | ||||
| 903 | "importance": 0, | ||||
| 904 | "uuid": "ba8ae738-a5b1-4ceb-90ea-702a613a7721" | ||||
| 905 | }, | ||||
| 906 | { | ||||
| 907 | "code": "9.4-Applications-Protect-IG2", | ||||
| 908 | "description": "Email and web browser protections-Restrict unnecessary or unauthorized browser and email client extensions", | ||||
| 909 | "importance": 0, | ||||
| 910 | "uuid": "9e4dd002-04af-44ae-806f-ea57cdfde604" | ||||
| 911 | }, | ||||
| 912 | { | ||||
| 913 | "code": "9.5-Network-Protect-IG2", | ||||
| 914 | "description": "Email and web browser protections-Implement DMARC", | ||||
| 915 | "importance": 0, | ||||
| 916 | "uuid": "f58a964d-47a7-47bb-a8c8-95e97f2c874f" | ||||
| 917 | }, | ||||
| 918 | { | ||||
| 919 | "code": "9.6-Network-Protect-IG2", | ||||
| 920 | "description": "Email and web browser protections-Block unnecessary file types", | ||||
| 921 | "importance": 0, | ||||
| 922 | "uuid": "5296d4df-1df0-492d-b5fe-a93dfc255fb1" | ||||
| 923 | }, | ||||
| 924 | { | ||||
| 925 | "code": "9.7-Network-Protect-IG3", | ||||
| 926 | "description": "Email and web browser protections-Deploy and maintain email server anti-malware protections", | ||||
| 927 | "importance": 0, | ||||
| 928 | "uuid": "a236845e-734b-4632-8b21-4c1d2eb1eff1" | ||||
| 929 | } | ||||
| 930 | ], | ||||
| 931 | "version": 1 | ||||
| 932 | } |