Security Control Frameworks

MSgtRedFox to

Blue Team · 6 months ago

I’m not a vendor, I’m just curious what experience people have with implementing security control frameworks?

DOD uses DISA STIGs. Else uses CIS benchmarks, or self developed based of NIST CSF?

To what degree is your organization using any of these?

Are they enforced? Monitored?

Using any vendor solutions that don’t suck?

Does anyone care except you (hopefully 😉)

You must log in or register to comment.

Chat

Blue Team

blueteam

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteam@infosec.pub

Blue Teamers are the first (and sometimes last) line of defense in the ongoing cyber war. This place is to chat out detection strategies, complain about SIEMs, compare SOAR playbooks, or post mean memes about the Red Team.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
1 user / month
4 users / 6 months
285 local subscribers
569 subscribers
18 Posts
39 Comments
Modlog

mods:
Xavier Ashe