Skip to content
    Request A Free Trial
    it asset management

    What are CIS Controls?

    CIS Security Controls “are a prioritized set of Safeguards to mitigate the most prevalent cyber attacks against systems and networks,” according to the Center for Internet Security (CIS). Developed by a global IT community, CIS Controls are a prioritized set of actions and best practices trusted by security leaders in both the public and private sector.

    How many CIS Controls are there?

    CIS Controls version 8 has combined and consolidated the CIS Controls by activities. This consolidation has reduced the number of CIS controls from 20 to 18. The CIS Controls are:

    • CIS Control 1: Inventory and Control of Enterprise Assets
    • CIS Control 2: Inventory and Control of Software Assets
    • CIS Control 3: Data Protection
    • CIS Control 4: Secure Configuration of Enterprise Assets and Software
    • CIS Control 5: Account Management
    • CIS Control 6: Access Control Management
    • CIS Control 7: Continuous Vulnerability Management
    • CIS Control 8: Audit Log Management
    • CIS Control 9: Email and Web Browser Protections
    • CIS Control 10: Malware Defenses
    • CIS Control 11: Data Recovery
    • CIS Control 12: Network Infrastructure Management
    • CIS Control 13: Network Monitoring and Defense
    • CIS Control 14: Security Awareness and Skills Training
    • CIS Control 15: Service Provider Management
    • CIS Control 16: Application Software Security
    • CIS Control 17: Incident Response Management
    • CIS Control 18: Penetration Testing

    Why are CIS Controls important?

    The CIS Controls are important because they reduce the risk of data breaches, identity theft, privacy loss, and other cyber attacks.

    Learn how cybersecurity asset management from Axonius helps you maintain  all of the CIS Controls.

    See the Platform

    See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.

    Get a Free Trial

    Sign-up for a free full-access 30 day trial to learn how Axonius gives IT and security teams a comprehensive understanding of all assets, their relationships, and business-level context including devices, identities, software, SaaS applications, vulnerabilities and security controls, and more.

    Book a Demo

    Request a demo to learn how the Axonius Platform provides a system of record for all digital infrastructure helping IT and security teams manage an always-expanding sprawl of devices, users, software, SaaS applications, cloud services, and the tools used to manage and secure them.