Security Control Frameworks

MSgtRedFox@infosec.pub to

Blue Team@infosec.pub · 2 years ago

I’m not a vendor, I’m just curious what experience people have with implementing security control frameworks?

DOD uses DISA STIGs. Else uses CIS benchmarks, or self developed based of NIST CSF?

To what degree is your organization using any of these?

Are they enforced? Monitored?

Using any vendor solutions that don’t suck?

Does anyone care except you (hopefully 😉)

You must log in or # to comment.

Chat

Blue Team@infosec.pub

blueteam@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteam@infosec.pub

Blue Teamers are the first (and sometimes last) line of defense in the ongoing cyber war. This place is to chat out detection strategies, complain about SIEMs, compare SOAR playbooks, or post mean memes about the Red Team.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
1 user / month
1 user / 6 months
1 local subscriber
619 subscribers
19 Posts
24 Comments
Modlog

mods:
Xavier Ashe@infosec.pub