CIS Version 8 Security Best Practices (which include the CIS Controls and CIS Benchmarks)
CIS Control |
CIS Safeguard |
Asset Type |
Security Function |
Title |
Description |
Zorus Coverage |
4 |
4.9 |
Devices |
Protect |
Configure Trusted DNS Servers on Enterprise Assets |
Configure trusted DNS servers on enterprise assets. Example implementations include: configuring assets to use enterprise-controlled DNS servers and/or reputable externally accessible DNS servers. |
We offer Trusted DNS Servers on Network Filtering ONLY. Endpoint solution does not alter the DNS Server settings. |
8 |
8.6 |
Network |
Detect |
Collect DNS Query Audit Logs |
Collect DNS query audit logs on enterprise assets, where appropriate and supported. |
Collect all DNS records processed on the device and network |
8 |
8.7 |
Network |
Detect |
Collect URL Request Audit Logs |
Collect URL request audit logs on enterprise assets, where appropriate and supported. |
Collect originating URL and full URL when CyberSight is enabled |
8 |
8.10 |
Network |
Protect |
Retain Audit Logs |
Retain audit logs across enterprise assets for a minimum of 90 days. |
Zorus retains all data for minimum of 90 days. User data, originating and full URLs when CyberSight is enabled is stored indefinitely |
9 |
9.2 |
Network |
Protect |
Use DNS Filtering Services |
Use DNS filtering services on all enterprise assets to block access to known malicious domains. |
Zorus offers DNS filtering at the device and network levels |
9 |
9.3 |
Network |
Protect |
Maintain and Enforce Network-Based URL Filters |
Enforce and update network-based URL filters to limit an enterprise asset from connecting to potentially malicious or unapproved websites. Example implementations include category-based filtering, reputation-based filtering, or through the use of block lists. Enforce filters for all enterprise assets. |
Zorus offers Content filtering at the device and network levels for categories, reputation, geoIP and block lists |