7 Minute Security

Blog

Blog

7MS #291: The Quest for Critical Security Controls - Part 4

csc.png

Below are show notes for an episode of the 7 Minute Security podcast, a weekly podcast I publish that focuses on topics such as penetration testing, network configuration, blue-teaming and career advice. I welcome you to subscribe in your favorite podcast app so you don't miss an episode!

Intro

Did I mention I love the Critical Security Controls? I do. And here's an absolute diamond I found this week:

This site (http://www.auditscripts.com/free-resources/critical-security-controls/) offers awesome CSC-mapping tools (and they're free!), specifically:

  • A spreadsheet with how the CSCs map to other popular frameworks like ISO and NIST

  • A manual assessment tool for measuring your org - or someone else's org - against the CSCs. Flippin' sweet right? RIGHT!

Also, be sure to come and Slack chat with us, as my pal hackernovice is building a tool called MacMon to help you satisfy CSC #1!

Lastly, I built an LOL-worthy pentesting recon tool called SSOTT (Scan Some of the Things) that might help you automate some NMAPing, DIRBing, NIKTOing, and the like. Cheggitout!

Audio