SANS Top 20 Critical Security Controls 1-4
The SANS SANS Top 20 Critical Security Controls are an industry and (for the most part) vendor neutral set of controls that organizations are encouraged to implement to ensure they are cognizant of security issues and can respond accordingly. This episode deals exclusively with the first 4 controls in-depth, so to not overwhelm listeners with what is shaping up to be a nearly 3 hour podcast.
If you want to discuss how Advanced Persistent Security can help you implement the SANS Top 20 Critical Security Controls, please contact Advanced Persistent Security Sales.
This week, we begin to discuss the SANS Top 20 Critical Security Controls, this week we cover the following 4 Controls:
SANS Top 20 Critical Security Controls, #1: Inventory of Authorized and Unauthorized Devices
SANS Top 20 Critical Security Controls, #2: Inventory of Authorized and Unauthorized Software
SANS Top 20 Critical Security Controls, #3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
SANS Top 20 Critical Security Controls, #4: Continuous Vulnerability Assessment and Remediation
The Center for Internet Security Benchmarks Program
The NIST National Checklist Program
DISCLAIMER: Aside from receiving training from SANS and holding a certification from their partner organization, GIAC, neither Advanced Persistent Security nor myself, Joe Gray are affiliated with SANS. This podcast is authorized via SANS open use clause and is not officially authorized by SANS. There is no compensation to Advanced Persistent Security nor myself, Joe Gray for doing this podcast. The purpose is to increase awareness using open frameworks.
If you have any questions or concerns about the podcast or something you want featured on the podcast, please email us at firstname.lastname@example.org
Thanks for stopping by and listening to our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens to this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this podcast and to our Blog.