CIS Control Coverage & Zorus

CIS Version 8 Security Best Practices (which include the CIS Controls and CIS Benchmarks)

The Center for Internet Security (CIS) publishes the CIS Critical Security Controls (CSC) to help organizations better defend against known attacks by distilling key security concepts into actionable controls to achieve greater overall cybersecurity defense.
These activities ensure that the CIS Security Best Practices (which include the CIS Controls and CIS Benchmarks) are more than a checklist of “good things to do,” or “things that could help”; instead, they are a prescriptive, prioritized, highly focused set of actions that have a community support network to make them implementable, usable, scalable, and in alignment with all industry or government security requirements.
For additional information, reference https://www.cisecurity.org/controls/v8
Zorus offers coverage for the following CIS Controls and Safeguards

CIS Control

CIS Safeguard

Asset Type

Security Function

Title

Description

Zorus Coverage

4

4.9

Devices

Protect

Configure Trusted DNS Servers on Enterprise Assets

Configure trusted DNS servers on enterprise assets. Example implementations include: configuring assets to use enterprise-controlled DNS servers and/or reputable externally accessible DNS servers. 

We offer Trusted DNS Servers on Network Filtering ONLY. Endpoint solution does not alter the DNS Server settings.

8.6

Network

Detect

Collect DNS Query Audit Logs

Collect DNS query audit logs on enterprise assets, where appropriate and supported.

Collect all DNS records processed on the device and network

8.7

Network

Detect

Collect URL Request Audit Logs

Collect URL request audit logs on enterprise assets, where appropriate and supported.

Collect originating URL and full URL when CyberSight is enabled

8.10

Network

Protect

Retain Audit Logs

Retain audit logs across enterprise assets for a minimum of 90 days.

Zorus retains all data for minimum of 90 days. User data, originating and full URLs when CyberSight is enabled is stored indefinitely

9

9.2

Network

Protect

Use DNS Filtering Services

Use DNS filtering services on all enterprise assets to block access to known malicious domains.

Zorus offers DNS filtering at the device and network levels

9

9.3

Network

Protect

Maintain and Enforce Network-Based URL Filters

Enforce and update network-based URL filters to limit an enterprise asset from connecting to potentially malicious or unapproved websites. Example implementations include category-based filtering, reputation-based filtering, or through the use of block lists. Enforce filters for all enterprise assets.

Zorus offers Content filtering at the device and network levels for categories, reputation, geoIP and block lists