×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world



About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization


secure specific platforms
Secure Specific Platforms


cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments


View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities



CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources


learn
Learn


filter by topic
Filter by Topic


View All Resources  
CIS Logo Show Search Expand Menu



SANS registration open for security awareness and skills training in the CIS Critical Security Controls with discounts for SLTTs.


CIS CTO Kathleen Moriarty interviews Justin Richer author of "OAuth2 In Action" to discuss authentication, authorization, federation, and related technologies.


A vulnerability has been discovered in HP FutureSmart that could allow for arbitrary code execution.



Microsoft Azure Security Benchmark v3 maps to CIS Critical Security Controls v8 showing its applicability to an enterprise’s cybersecurity program regardless of architecture.


Authentication and authorization using single sign-on go hand in hand when it comes to securing an enterprise's systems.


As of November 2021, the Center for Internet Security (CIS) will cease support for CIS-CAT Pro Assessor v3.


A vulnerability has been discovered in Microsoft Edge that could result in remote code execution.



A vulnerability has been discovered in Fortinet FortiWeb that could allow for arbitrary code execution.



A vulnerability has been discovered in multiple NETGEAR products, which could allow for arbitrary code execution.



While operating in the cloud, it's crucial to understand the division of security responsibilities, known as the shared responsibility model.


Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.



Alan Paller, an icon of the cybersecurity industry, passed away on November 9. Most knew Alan as the founder of the SANS Institute, the world’s leading teacher of cybersecurity skills. He was an unstoppable force of nature, brimming with ideas, passion, and constant action.


In this week's podcast, we welcome Thordis Thorsteins from Panaseer to discuss the importance of collecting accurate data and automating as much of the process as possible.


Multiple vulnerabilities have been discovered in iCloud for Windows Could Allow for Arbitrary Code Execution.



A vulnerability has been discovered in Palo Alto PAN-OS that could allow for arbitrary code execution.



1 2 3 105