Using File Monitoring to Limit Admin Rights

James TaralaAdmin Rights, Critical Security Controls, Tools

Over the past few weeks we have been posting blogs about the importance of limiting user account rights to only what is necessary for someone to do their job. Users should have all the rights necessary to do their job, but nothing less and certainly not any more. This includes local administrator rights. Only the people that absolutely need those … Read More

Sensors for the Critical Security Controls

James TaralaCritical Security Controls, Tools

Most people in information security have heard of the Critical Security Controls these days. The idea of a community risk assessment project that helps all prioritize our information security efforts is appealing to most of us. The sticking question everyone always comes back to though is “how do I start implementing an information security plan using the controls?” There are … Read More

Critical Security Controls Maturity Model

James TaralaCritical Security Controls, Metrics

One of the projects that we have been thoroughly engaged on at AuditScripts.com has been to work with the Council on Cybersecurity on the Critical Security Controls project. If you haven’t had a chance to see the project, I would strongly recommend that you take a look. The full text can be most easily found at the SANS Institute at … Read More

Critical Security Control Whitepapers

James TaralaCritical Security Controls

In some of our training we’ve mentioned to people that we’ve published a number a whitepapers on the Critical Security Controls in conjunction with the SANS Institute and various other vendors. Unfortunately we’ve also discovered that many of these whitepapers can be difficult to locate on the SANS Institute’s website. So we wanted to compile a list of some of … Read More