See Resources

SANS & Top 20 CIS Critical Controls

Qualys Solutions for IT Security & Compliance

Qualys' continuous security approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively, while reducing costs and streamlining operations. Using an innovative Software as a Service (SaaS) approach, the Qualys® Security and Compliance Suite combines Qualys' industry leading vulnerability management service with a comprehensive IT compliance solution.

Related Links

Automating the Top 20 CIS Critical Security Controls

Download the Automating the Top 20 CIS Critical Security Controls whitepaper

The Top 20 CIS Critical Security Controls (CSCs) are a prioritized, risk-based approach to cyber security created in coordination with the SANS Institute. They are the result of a consensus process that involved a wide variety of cyber security professionals from government and industry, who were asked: "In practice, what works and where do you start?" The CSCs have become a blueprint to help Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) to deploy the most effective processes and tools to secure all their computer systems according to risk. Five tenets were fundamental defining the CSCs:

By following the guidelines of CSCs, your organization can ensure the confidentiality, integrity and availability of its information technology assets.

Why the Critical Controls Matter to Your Organization

Depending on your organization, threats to your computer systems can come from sovereign states, terrorists, criminals, lone hackers, and through mistakes committed by staff and contractors. A successful exploit of a critical system could be disastrous if it stopped vital functions in industries such as financial services or transportation or essential functions of government. The CSCs simplify the deployment of a comprehensive security program by focusing on proven risk reduction efforts that can lower exposure by 80 percent or more. For federal agencies, the use of CSCs also can put your agency well on the path to compliance with FISMA – requirements that may also apply to contractors providing services to your agency.

How Qualys Helps Automate Critical Controls

As a critical tenet for the CSCs, automation provides a key role in achieving reliability, scalability and continuous security. This emphasis aligns well with Qualys’ continuous security and compliance delivery model. Because the Qualys Cloud Platform offers a set of extensible services, organizations can achieve rapid implementation of the majority of the controls with a single solution. Additionally, Qualys solutions can be deployed from the cloud within a matter of hours, without costly Professional Services or any additional software or hardware requirements.

For a detailed explanation of how Qualys helps with each of the 20 controls, download the Automating the Top 20 CIS Critical Security Controls whitepaper.

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Free Trial & Tools
Popular Topics