Effective Cyber Defence
Our practitioners are used to the rigors of security testing and remediation, and are followers of the CREST and SANS Institute methodologies.
The CIS Critical Security Controls are a recommended set of actions for cyber defence that provide specific and actionable ways to stop today's most
pervasive and dangerous attacks. A principal benefit of the controls is that they prioritise and focus a smaller number of actions with high pay-off
results. The controls are effective because they are derived from the most common attack patterns highlighted in the leading threat reports and vetted
across a very broad community of government and industry practitioners. They were created by the people who know how attacks work - NSA Red and Blue teams,
the US government, law enforcement organisations and some of the nation's top forensics and incident response organisations -
to answer the question, "What do we need to do to stop known attacks?" The respective industry experts reached a consensus, and today we have the most
current controls documented openly for all to use.
The key to their continued value is that the controls are updated as new attacks are identified and analysed by our security peers, so that
they can stop or mitigate those attacks.
For more information on security benchmarking and CIS controls please visit: https://www.cisecurity.org/critical-controls/
Policy Guidance against critical controls
Our consultants are versed in the following 20 Critical Control Categories:
- Inventory of Authorised & Unauthorised Devices
- Inventory of Authorised and Unauthorised Software
- Secure Configurations for Hardware and Software on End User Devices
- Continuous Vulnerability Assessment and Remediation
- Malware Defences
- Application Software Security
- Wireless Device Control
- Data Recovery Capability
- Security Skills Assessment and Appropriate Training to Fill Gaps
- Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
- Limitation and Control of Network Ports, Protocols, and Services
- Controlled Use of Administrative Privileges
- Boundary Defence
- Maintenance, Monitoring, and Analysis of Audit Logs
- Controlled Access Based on the Need to Know
- Account Monitoring and Control
- Data Loss Prevention
- Incident Response and Management
- Secure Network Engineering
- Penetration Testing & Red Teaming