CIS v8.1 — Compliance Controls · threatengine.sh

Home/Compliance

cis-v8.1

CIS Controls v8.1. Security Controls

62 controls · cross-mapped to ATT&CK techniques

Translate between regulatory language and what attackers actually do. Each control maps to MITRE ATT&CK techniques; open a control to see those techniques and whether we hold detection coverage for them.

NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)

62

Total controls

0%

Detection coverage

0

Covered controls

62

Coverage gaps

▤ Export audit (CSV) Coverage report Self-assessment Showing gaps only ×

▶ Check your own detection coverage

Paste the ATT&CK technique IDs you have Sigma/YARA rules for (one per line, e.g. T1059, T1190). The controls below will update to show YOUR coverage instead of ours.

Red team insight A cis-v8.1 compliant org should have detection for the green-tagged techniques below. Controls showing no technique coverage are likely blind spots. Use gaps view to enumerate unmonitored attack paths.

▤

Controls

62 shown of 62

CIS-1

Inventory and Control of Enterprise Assets

IG1

Actively manage (inventory, track, and correct) all enterprise assets connected to the infrastructure physically, virtually, remotely, and those within cloud environments.

family 1 framework cis-v8.1

CIS-1.1

Establish and Maintain Detailed Enterprise Asset Inventory

IG1

family 1 framework cis-v8.1

CIS-1.2

Address Unauthorized Assets

IG1

family 1 framework cis-v8.1

CIS-10

Malware Defenses

IG1

Prevent or control the installation, spread, and execution of malicious applications, code, or scripts on enterprise assets.

family 10 framework cis-v8.1

CIS-10.1

Deploy and Maintain Anti-Malware Software

IG1

family 10 framework cis-v8.1

CIS-10.2

Configure Automatic Anti-Malware Signature Updates

IG1

family 10 framework cis-v8.1

CIS-10.7

Use Behavior-Based Anti-Malware Software

IG2

family 10 framework cis-v8.1

CIS-11

IG1

Establish and maintain data recovery practices sufficient to restore in-scope enterprise assets to a pre-incident and trusted state.

family 11 framework cis-v8.1

CIS-11.1

Establish and Maintain a Data Recovery Process

IG1

family 11 framework cis-v8.1

CIS-11.2

Perform Automated Backups

IG1

family 11 framework cis-v8.1

CIS-11.3

Protect Recovery Data

IG1

family 11 framework cis-v8.1

CIS-11.4

Establish and Maintain an Isolated Instance of Recovery Data

IG1

family 11 framework cis-v8.1

CIS-12

Network Infrastructure Management

IG2

Establish, implement, and actively manage network devices to prevent attackers from exploiting vulnerable network services and access points.

family 12 framework cis-v8.1

CIS-12.1

Ensure Network Infrastructure is Up-to-Date

IG1

family 12 framework cis-v8.1

CIS-13

Network Monitoring and Defense

IG2

Operate processes and tooling to establish and maintain comprehensive network monitoring and defense.

family 13 framework cis-v8.1

CIS-13.1

Centralize Security Event Alerting

IG2

family 13 framework cis-v8.1

CIS-13.6

Collect Network Traffic Flow Logs

IG2

family 13 framework cis-v8.1

CIS-14

Security Awareness and Skills Training

IG1

Establish and maintain a security awareness program to influence behavior among the workforce.

family 14 framework cis-v8.1

CIS-14.1

Establish and Maintain a Security Awareness Program

IG1

family 14 framework cis-v8.1

CIS-14.2

Train Workforce Members to Recognize Social Engineering Attacks

IG1

family 14 framework cis-v8.1

CIS-14.3

Train Workforce Members on Authentication Best Practices

IG1

family 14 framework cis-v8.1

CIS-15

Service Provider Management

IG1

Develop a process to evaluate service providers who hold sensitive data or are responsible for an enterprise’s critical IT platforms or processes.

family 15 framework cis-v8.1

CIS-15.1

Establish and Maintain an Inventory of Service Providers

IG1

family 15 framework cis-v8.1

CIS-16

Application Software Security

IG2

Manage the security life cycle of in-house developed, hosted, or acquired software to prevent, detect, and remediate security weaknesses before they can impact the enterprise.

family 16 framework cis-v8.1

CIS-16.1

Establish and Maintain a Secure Application Development Process

IG2

family 16 framework cis-v8.1

CIS-16.11

Leverage Vetted Modules or Services for Application Security Components

IG2

family 16 framework cis-v8.1

CIS-17

Incident Response Management

IG1

Establish a program to develop and maintain an incident response capability to prepare, detect, and quickly respond to an attack.

family 17 framework cis-v8.1

CIS-17.1

Designate Personnel to Manage Incident Handling

IG1

family 17 framework cis-v8.1

CIS-17.2

Establish and Maintain Contact Information for Reporting Security Incidents

IG1

family 17 framework cis-v8.1

CIS-17.3

Establish and Maintain an Enterprise Process for Reporting Incidents

IG1

family 17 framework cis-v8.1

CIS-18

Penetration Testing

IG2

Test the effectiveness and resiliency of enterprise assets through identifying and exploiting weaknesses in controls and simulating the objectives and actions of an attacker.

family 18 framework cis-v8.1

CIS-18.1

Establish and Maintain a Penetration Testing Program

IG2

family 18 framework cis-v8.1

CIS-2

Inventory and Control of Software Assets

IG1

Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute.

family 2 framework cis-v8.1

CIS-2.1

Establish and Maintain a Software Inventory

IG1

family 2 framework cis-v8.1

CIS-2.2

Ensure Authorized Software is Currently Supported

IG1

family 2 framework cis-v8.1

CIS-2.3

Address Unauthorized Software

IG1

family 2 framework cis-v8.1

CIS-3

Data Protection

IG1

Develop processes and technical controls to identify, classify, securely handle, retain, and dispose of data.

family 3 framework cis-v8.1

CIS-3.1

Establish and Maintain a Data Management Process

IG1

family 3 framework cis-v8.1

CIS-3.3

Configure Data Access Control Lists

IG1

family 3 framework cis-v8.1

CIS-3.4

Enforce Data Retention

IG1

family 3 framework cis-v8.1

CIS-4

Secure Configuration of Enterprise Assets and Software

IG1

Establish and maintain the secure configuration of enterprise assets and software.

family 4 framework cis-v8.1

CIS-4.1

Establish and Maintain a Secure Configuration Process

IG1

family 4 framework cis-v8.1

CIS-4.7

Manage Default Accounts on Enterprise Assets and Software

IG1

family 4 framework cis-v8.1

CIS-5

Account Management

IG1

Use processes and tools to assign and manage authorization to credentials for user accounts.

family 5 framework cis-v8.1

CIS-5.2

Use Unique Passwords

IG1

family 5 framework cis-v8.1

CIS-5.3

Disable Dormant Accounts

IG1

family 5 framework cis-v8.1

CIS-6

Access Control Management

IG1

Use processes and tools to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts.

family 6 framework cis-v8.1

CIS-6.3

Require MFA for Externally-Exposed Applications

IG1

family 6 framework cis-v8.1

CIS-6.4

Require MFA for Remote Network Access

IG1

family 6 framework cis-v8.1

CIS-6.5

Require MFA for Administrative Access

IG1

family 6 framework cis-v8.1

CIS-7

Continuous Vulnerability Management

IG1

Develop a plan to continuously assess and track vulnerabilities on all enterprise assets within the enterprise infrastructure.

family 7 framework cis-v8.1

CIS-7.1

Establish and Maintain a Vulnerability Management Process

IG1

family 7 framework cis-v8.1

CIS-7.3

Perform Automated Operating System Patch Management

IG1

family 7 framework cis-v8.1

CIS-7.4

Perform Automated Application Patch Management

IG1

family 7 framework cis-v8.1

CIS-7.7

Remediate Detected Vulnerabilities

IG1

family 7 framework cis-v8.1

CIS-8

Audit Log Management

IG1

Collect, alert, review, and retain audit logs of events that could help detect, understand, or recover from an attack.

family 8 framework cis-v8.1

CIS-8.11

Conduct Audit Log Reviews

IG2

family 8 framework cis-v8.1

CIS-8.2

Collect Audit Logs

IG1

family 8 framework cis-v8.1

CIS-8.5

Collect Detailed Audit Logs

IG2

family 8 framework cis-v8.1

CIS-9

Email and Web Browser Protections

IG1

Improve protections and detections of threats from email and web vectors.

family 9 framework cis-v8.1

CIS-9.3

Maintain and Enforce Network-Based URL Filters

IG2

family 9 framework cis-v8.1

CIS-9.6

Block Unnecessary File Types

IG2

family 9 framework cis-v8.1

Showing 1-62 of 62

Prev 1 Next

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin