SANS Top 20 Critical Security Controls 9-12

Oct 08, 2015

SANS Top 20 Critical Security Controls 9-12

The SANS SANS Top 20 Critical Security Controls are an industry and (for the most part) vendor neutral set of controls that organizations are encouraged to implement to ensure they are cognizant of security issues and can respond accordingly. This episode deals exclusively with the third 4 (Numbers 9-12) controls in-depth, so to not overwhelm listeners with what is shaping up to be a nearly 3 hour podcast.

If you want to discuss how Advanced Persistent Security can help you implement the SANS Top 20 Critical Security Controls, please contact Advanced Persistent Security Sales.

Content

This week, we begin to discuss the SANS Top 20 Critical Security Controls, this week we cover the following 4 Controls:

SANS Top 20 Critical Security Controls, #9: Security Skills Assessment and Appropriate Training to Fill Gaps

SANS Top 20 Critical Security Controls, #10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches

SANS Top 20 Critical Security Controls, #11: Limitation and Control of Network Ports, Protocols, and Services

SANS Top 20 Critical Security Controls, #12: Controlled Use of Administrative Privileges

DISCLAIMER: Aside from receiving training from SANS and holding a certification from their partner organization, GIAC, neither Advanced Persistent Security nor myself, Joe Gray are affiliated with SANS. This podcast is authorized via SANS open use clause and is not officially authorized by SANS. There is no compensation to Advanced Persistent Security nor myself, Joe Gray for doing this podcast. The purpose is to increase awareness using open frameworks.

If you have any questions or concerns about the podcast or something you want featured on the podcast, please email us at podcast@advancedpersistentsecurity.net

Thanks for stopping by and listening to our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens to this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Be sure to subscribe to this podcast and to our Blog.