{"framework":"cis-v8.1","framework_label":"CIS v8.1","controls":[{"control_id":"CIS-1","title":"Inventory and Control of Enterprise Assets","family":"1","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-1.1","title":"Establish and Maintain Detailed Enterprise Asset Inventory","family":"1","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-1"},{"control_id":"CIS-1.2","title":"Address Unauthorized Assets","family":"1","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-1"},{"control_id":"CIS-10","title":"Malware Defenses","family":"10","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-10.1","title":"Deploy and Maintain Anti-Malware Software","family":"10","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-10"},{"control_id":"CIS-10.2","title":"Configure Automatic Anti-Malware Signature Updates","family":"10","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-10"},{"control_id":"CIS-10.7","title":"Use Behavior-Based Anti-Malware Software","family":"10","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-10"},{"control_id":"CIS-11","title":"Data Recovery","family":"11","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-11.1","title":"Establish and Maintain a Data Recovery Process","family":"11","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-11"},{"control_id":"CIS-11.2","title":"Perform Automated Backups","family":"11","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-11"},{"control_id":"CIS-11.3","title":"Protect Recovery Data","family":"11","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-11"},{"control_id":"CIS-11.4","title":"Establish and Maintain an Isolated Instance of Recovery Data","family":"11","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-11"},{"control_id":"CIS-12","title":"Network Infrastructure Management","family":"12","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-12.1","title":"Ensure Network Infrastructure is Up-to-Date","family":"12","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-12"},{"control_id":"CIS-13","title":"Network Monitoring and Defense","family":"13","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-13.1","title":"Centralize Security Event Alerting","family":"13","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-13"},{"control_id":"CIS-13.6","title":"Collect Network Traffic Flow Logs","family":"13","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-13"},{"control_id":"CIS-14","title":"Security Awareness and Skills Training","family":"14","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-14.1","title":"Establish and Maintain a Security Awareness Program","family":"14","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-14"},{"control_id":"CIS-14.2","title":"Train Workforce Members to Recognize Social Engineering Attacks","family":"14","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-14"},{"control_id":"CIS-14.3","title":"Train Workforce Members on Authentication Best Practices","family":"14","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-14"},{"control_id":"CIS-15","title":"Service Provider Management","family":"15","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-15.1","title":"Establish and Maintain an Inventory of Service Providers","family":"15","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-15"},{"control_id":"CIS-16","title":"Application Software Security","family":"16","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-16.1","title":"Establish and Maintain a Secure Application Development Process","family":"16","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-16"},{"control_id":"CIS-16.11","title":"Leverage Vetted Modules or Services for Application Security Components","family":"16","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-16"},{"control_id":"CIS-17","title":"Incident Response Management","family":"17","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-17.1","title":"Designate Personnel to Manage Incident Handling","family":"17","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-17"},{"control_id":"CIS-17.2","title":"Establish and Maintain Contact Information for Reporting Security Incidents","family":"17","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-17"},{"control_id":"CIS-17.3","title":"Establish and Maintain an Enterprise Process for Reporting Incidents","family":"17","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-17"},{"control_id":"CIS-18","title":"Penetration Testing","family":"18","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-18.1","title":"Establish and Maintain a Penetration Testing Program","family":"18","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-18"},{"control_id":"CIS-2","title":"Inventory and Control of Software Assets","family":"2","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-2.1","title":"Establish and Maintain a Software Inventory","family":"2","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-2"},{"control_id":"CIS-2.2","title":"Ensure Authorized Software is Currently Supported","family":"2","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-2"},{"control_id":"CIS-2.3","title":"Address Unauthorized Software","family":"2","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-2"},{"control_id":"CIS-3","title":"Data Protection","family":"3","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-3.1","title":"Establish and Maintain a Data Management Process","family":"3","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-3"},{"control_id":"CIS-3.3","title":"Configure Data Access Control Lists","family":"3","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-3"},{"control_id":"CIS-3.4","title":"Enforce Data Retention","family":"3","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-3"},{"control_id":"CIS-4","title":"Secure Configuration of Enterprise Assets and Software","family":"4","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-4.1","title":"Establish and Maintain a Secure Configuration Process","family":"4","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-4"},{"control_id":"CIS-4.7","title":"Manage Default Accounts on Enterprise Assets and Software","family":"4","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-4"},{"control_id":"CIS-5","title":"Account Management","family":"5","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-5.2","title":"Use Unique Passwords","family":"5","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-5"},{"control_id":"CIS-5.3","title":"Disable Dormant Accounts","family":"5","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-5"},{"control_id":"CIS-6","title":"Access Control Management","family":"6","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-6.3","title":"Require MFA for Externally-Exposed Applications","family":"6","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-6"},{"control_id":"CIS-6.4","title":"Require MFA for Remote Network Access","family":"6","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-6"},{"control_id":"CIS-6.5","title":"Require MFA for Administrative Access","family":"6","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-6"},{"control_id":"CIS-7","title":"Continuous Vulnerability Management","family":"7","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-7.1","title":"Establish and Maintain a Vulnerability Management Process","family":"7","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-7"},{"control_id":"CIS-7.3","title":"Perform Automated Operating System Patch Management","family":"7","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-7"},{"control_id":"CIS-7.4","title":"Perform Automated Application Patch Management","family":"7","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-7"},{"control_id":"CIS-7.7","title":"Remediate Detected Vulnerabilities","family":"7","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-7"},{"control_id":"CIS-8","title":"Audit Log Management","family":"8","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-8.11","title":"Conduct Audit Log Reviews","family":"8","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-8"},{"control_id":"CIS-8.2","title":"Collect Audit Logs","family":"8","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-8"},{"control_id":"CIS-8.5","title":"Collect Detailed Audit Logs","family":"8","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-8"},{"control_id":"CIS-9","title":"Email and Web Browser Protections","family":"9","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"CIS-9.3","title":"Maintain and Enforce Network-Based URL Filters","family":"9","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-9"},{"control_id":"CIS-9.6","title":"Block Unnecessary File Types","family":"9","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":true,"base_control_id":"CIS-9"}],"families":[{"family":"1","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"10","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"11","controls":5,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"12","controls":2,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"13","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"14","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"15","controls":2,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"16","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"17","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"18","controls":2,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"2","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"3","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"4","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"5","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"6","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"7","controls":5,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"8","controls":4,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0},{"family":"9","controls":3,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"coverage_pct":0}],"total_controls":62,"controls_with_mapping":0,"distinct_techniques":0,"detectable_techniques":0,"overall_coverage_pct":0,"unmapped_enhancements":44,"no_mappings_at_all":true}