CIS Critical Security Controls V7

Overview CSC V7 control 18.4 recommends that organisations “Only use up-to-date and trusted third-party components for the software developed by...

Overview CSC V7 control 18.5 recommends that organisations “Use only standardized and extensively reviewed encryption algorithms. Note CSC V7 places...

Overview CSC V7 control 18.6 recommends that organisations “Ensure that all software development personnel receive training in writing secure code...

Overview CSC V7 control 18.7 recommends that organisations “Apply static and dynamic analysis tools to verify that secure coding practices...

Overview CSC V7 control 18.8 recommends that organisations “Establish a process to accept and address reports of software vulnerabilities, including...

Overview CSC V7 control 18.9 recommends that organisations “Maintain separate environments for production and nonproduction systems. Developers should not have...

Overview CSC V7 control 18.10 recommends that organisations “Protect web applications by deploying web application firewalls (WAFs) that inspect all...

Overview CSC V7 control 18.11 recommends that organisations “For applications that rely on a database, use standard hardening configuration templates....

Overview CSC V7 control 19 recommends that organisations “ Note CSC V7 places this control in the category of “Incident...

Overview CSC V7 control 19.1 recommends that organisations “Ensure that there are written incident response plans that defines roles of...