🎯
CIS Critical Security Controls v8
The CIS Critical Security Controls v8 — 18 prioritized, prescriptive safeguards used worldwide as a pragmatic baseline (and the basis of many regulatory cross-walks). EchelonGraph live-scores the controls that map to cloud posture, so your CIS Controls program is continuously measured, not self-attested.
9 high1 medium
CIS-V8-1high
Inventory & Control of Enterprise Assets
Actively manage all enterprise assets.
CIS-V8-3high
Data Protection
Identify, classify, and protect data via encryption.
CIS-V8-4high
Secure Configuration of Enterprise Assets
Establish and maintain secure configurations.
CIS-V8-5high
Account Management
Manage the lifecycle of accounts and credentials.
CIS-V8-6high
Access Control Management
Grant and revoke access rights with MFA.
CIS-V8-7high
Continuous Vulnerability Management
Continuously assess and remediate vulnerabilities.
CIS-V8-8high
Audit Log Management
Collect, review, and retain audit logs.
CIS-V8-10high
Malware Defenses
Control the installation and execution of malware.
CIS-V8-12high
Network Infrastructure Management
Securely manage network infrastructure.
CIS-V8-13medium
Network Monitoring & Defense
Monitor and defend the network.