Comment on Technical Controls
scytale@lemm.ee 1 year ago
ISO27001 for policy development. CIS benchmarks for configuration. CIS controls for assessments. NIST for guidelines.
Comment on Technical Controls
scytale@lemm.ee 1 year ago
ISO27001 for policy development. CIS benchmarks for configuration. CIS controls for assessments. NIST for guidelines.
redfox@infosec.pub 1 year ago
How far do you guys go?
'All of it’s or until it’s inconvenient?
What’s the pain tolerance for when everyone says it makes the job too hard?
Ever compared CIS controls to STIG ACAP?
I’ve only ever used SCAP for a few reasons z but one being it’s free.