This post serves as a list of the resources discussed at the AmherstSec Meetup on Wednesday December 11, 2019.
If you’d rather skip to the resources section, here are the links referenced throughout the discussion:
- CIS Homepage: https://www.cisecurity.org/
- Overview of all CIS resources
- CIS Benchmarks: https://www.cisecurity.org/cis-benchmarks/
- Device security checklists / guidance documents
- CIS Workbench: https://workbench.cisecurity.org/
- Access to custom benchmark files and remediation kits
- CIS-CAT Pro Wiki: https://cis-cat-pro-dashboard.readthedocs.io/en/stable/
- Documentation supporting the CIS-CAT Pro tool(s)
- CIS RAM: https://learn.cisecurity.org/cis-ram
- “information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cybersecurity best practices”
- CIS Controls: https://www.cisecurity.org/controls/
- CIS Critical Security Controls and related documents
- CIS CSAT Dashboard: https://csat.cisecurity.org
- Web GUI for tracking CIS Control implementation status
- CIS Measures and Metrics: https://www.cisecurity.org/controls/
- “One ask per control” reporting of status
- CIS-CAT lite: https://www.cisecurity.org/blog/introducing-cis-cat-lite/
- Free version of the Configuration Assessment Tool
The Personal Blog of Sean Goodwin 