Comment on Technical Controls
scytale@lemm.ee 8 months ago
ISO27001 for policy development. CIS benchmarks for configuration. CIS controls for assessments. NIST for guidelines.
Comment on Technical Controls
scytale@lemm.ee 8 months ago
ISO27001 for policy development. CIS benchmarks for configuration. CIS controls for assessments. NIST for guidelines.
redfox@infosec.pub 8 months ago
How far do you guys go?
'All of it’s or until it’s inconvenient?
What’s the pain tolerance for when everyone says it makes the job too hard?
Ever compared CIS controls to STIG ACAP?
I’ve only ever used SCAP for a few reasons z but one being it’s free.