Passive asset discovery tools and free SANS tools explained
Author: Rich Johnson


Passive asset discovery tools and free SANS tools explained
This is the first in a series about the tools available to implement the SANS Top 20 Security Controls. The subsequent parts available now are: Part 1 - we look at Inventory of Authorized and Unauthorized Devices. Part 2 - we look at Inventory of Authorized and Unauthorized Software. Part 3 - we look at Secure Configurations. Part 4 - we look at Continuous Vulnerability…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Parts 18 - 20
This is the last part of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked…
Get the latest security news in your inbox.


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 17: Data Protection
This is Part 17 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 16: Account Monitoring and Control
This is Part 16 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 15: Controlled Access Based on the Need to Know
This is Part 15 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 14: Maintenance, Monitoring and Analysis of Audit Logs
This is Part 14 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 13: Boundary Defense
This is Part 13 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 12: Controlled Use of Administrative Privileges
This is Part 12 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the CIS Security Controls, Part 10 &11;: Secure Configurations & Control for Network
This is Part 10 & 11 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory…


Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 8&9: Data Recovery & Security Training
This is Part 8 & 9 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the CIS Security Controls. A summary of the previous posts is here: Part 1 - we looked at Inventory of Authorized and Unauthorized…


Free and Commercial Tools to Implement the SANS Top 20 Security Controls, Part 7: Wireless Access Control
This is Part 7 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with SANS’ Security Controls. A summary of the previous posts: Part 1 - we looked at Inventory of Authorized and Unauthorized Devices. Part 2 - we looked at Inventory of Authorized and Unauthorized Software. Part 3 - we looked at Secure…


Free and Commercial Tools to Implement the SANS Top 20 Security Controls, Part 6: Application Security
This is Part 6 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with SANS’ Security Controls. A summary of previous posts Part 1 - we looked at Inventory of Authorized and Unauthorized Devices. Part 2 - we looked at Inventory of Authorized and Unauthorized Software. Part 3 - we looked at Secure Configurations. …