Below are show notes for an episode of the 7 Minute Security podcast, a weekly podcast I publish that focuses on topics such as penetration testing, network configuration, blue-teaming and career advice. I welcome you to subscribe in your favorite podcast app so you don't miss an episode!
Did I mention I love the Critical Security Controls? I do. And here's an absolute diamond I found this week:
This site (http://www.auditscripts.com/free-resources/critical-security-controls/) offers awesome CSC-mapping tools (and they're free!), specifically:
A spreadsheet with how the CSCs map to other popular frameworks like ISO and NIST
A manual assessment tool for measuring your org - or someone else's org - against the CSCs. Flippin' sweet right? RIGHT!
Lastly, I built an LOL-worthy pentesting recon tool called SSOTT (Scan Some of the Things) that might help you automate some NMAPing, DIRBing, NIKTOing, and the like. Cheggitout!