Toolkit
Top 20 Critical Security Controls

Information Security Services and Resources to Assess and Progress Your Security Program

The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls) are pretty much point of entry for any organization who wants to be prepared to stop today’s most pervasive and dangerous attacks. In other words: If you’re not paying attention to them already, you should get on that, posthaste.

And we have just the resources to get you started. In addition to the 2016 CIS Top 20 Critical Security Controls themselves, we’ve assembled seven other practical resources to help you better understand these key controls and implement them into your organization.

Download your free Top 20 Critical Security Controls toolkit and get access to eight insightful and actionable resources:


CIS Top 20 Critical Security Controls

Start here for a good introduction to the controls and to see which security providers are best suited to help you monitor and improve your implementation of them.

7 Steps to Successfully Implement the Top 20 Controls

Jumpstart or improve your implementation of the Top 20 Critical Security Controls with these seven practical steps designed to get your tactical day-to-day practices – as well as your high-level strategic plans – more aligned with the key controls.

The State of IDR

In 2015, we surveyed 270 security pros to understand their concerns around incident detection and response and the initiatives and solutions they’re running to solve them. This report and webcast sum up our findings and recommendations.

What Is Penetration Testing?

Critical Security Control #20: pen testing! If you’re new to “red team testing,” our white paper will get you up to speed with a clear and succinct intro to the core principals and best practices of penetration testing.

7 Questions to Ask Your DAST Vendor

Another Critical Security Control, application security prevents, detects, and corrects security weaknesses in your apps. This white paper will help you select the dynamic application security testing (DAST) vendor right for you.

Vulnerability Management Buyer’s Guide

This buyer’s guide, along with an easy-to-use checklist, can help you determine your requirements for selecting an effective vulnerability management solution, one of the top five Critical Security Controls.

Rapid7 Cybersecurity Services

Find out what you need to do to make your security program relevant, actionable, and sustainable—and how Rapid7 information security services can help.

Vulnerability Management Buyer’s Guide

This buyer’s guide, along with an easy-to-use checklist, can help you determine your requirements for selecting an effective vulnerability management solution, one of the top five Critical Security Controls.

Rapid7 Cybersecurity Services

Find out what you need to do to make your security program relevant, actionable, and sustainable—and how Rapid7 information security services can help.

Get Access Now