
What makes this cyber defense accelerator different?

GRC and Legal teams gain compliance enablers to check the box on these key cyber risk areas. 

ISO Standards:

    1. ISO/IEC 27001: Information Security Management
      • A.12.6.1: Management of technical vulnerabilities
      • A.13.1.1: Network controls
    2. ISO/IEC 27002: Code of Practice for Information Security Controls
      • 12.6: Technical vulnerability management
      • 13.1: Network security management

NIST Frameworks:

    1. NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
      • CA-7: Continuous Monitoring
      • SC-7: Boundary Protection
      • SI-4: Information System Monitoring
    2. NIST Cybersecurity Framework (CSF)
      • PR.DS-1: Protect Data at Rest
      • DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software
      • RS.MI-3: Mitigate

DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides):

    1. Network Security STIG
      • V-31409: Network devices must employ automated mechanisms to assist in the tracking of security incidents.
      • V-31773: Network devices must be configured to send log data to a central log server.
    2. Firewall STIG
      • V-17149: Firewalls must be configured to send alerts to the administrator in the event of a critical security event.
      • V-17435: Firewalls must have only authenticated access for administrative users.

Other Frameworks:

    1. PCI DSS (Payment Card Industry Data Security Standard)
      • Requirement 11.4: Use IDS/IPS to detect and alert personnel to suspected compromises.
      • Requirement 6.6: Address common coding vulnerabilities in software-development processes.
    2. HIPAA (Health Insurance Portability and Accountability Act)
      • 164.308(a)(6)(ii): Implement procedures for detecting, preventing, and responding to security incidents.
      • 164.312(b): Implement mechanisms to encrypt and decrypt ePHI.
    3. GDPR (General Data Protection Regulation)
      • Article 32: Security of processing

CIS Controls (Center for Internet Security):

    1. CIS Control 12: Boundary Defense
      • Sub-Control 12.4: Deny communications with known malicious IP addresses.
      • Sub-Control 12.5: Implement application layer filtering.

Our Corporate Headquarters:

5900 Balcones Drive, Ste 100, Austin, TX 78731

D-U-N-S number: 119079550

NAICS codes for external cyber threat intelligence in cybersecurity: 541512, 541519, 541611, 541990

International Class 042 - Computer security consultancy in the field of scanning and penetration testing of computers and networks to assess information security vulnerability.
External Cyber Threat Intelligence and Risk Remediation Accelerator for compliance security enablement for ISO 27000n, HITRUST, SOC 2, TISAX, TPN, NIST/CMMC
