Resources
Industry/Legal Guidelines
- California Breach Notification Law
- CIS Critical Controls
- CIS Compliance Benchmark
- CIS Benchmarks
- NIST 800-53 — Security Controls
- NIST 800-171 — Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
- NIST Cybersecurity Framework
- GDPR General Data Protection Regulation Toolkit (download)
Reports
Best Practices
- Best Practices for Notifying Affected Individuals of a Large-Scale Data Breach (download)
- Remediation: Pass the Hash
- Sysmon Deployment
- For Deployment of Sysmon using a GPO: https://gist.github.com/silentbreaksec/8972f8c9dce151aebbef0a58313f3971
- Initially use this example Sysmon XML configuration file to seed the Sysmon deployment.