Reducing Risk with CIS CSC
(Critical Security Controls)

Many organizations address the challenges and increasing threats to their cyber security by strategically choosing a security controls framework as a reference for initiating, implementing, measuring and evaluating their security posture as well as managing risk. Over the years, many security control frameworks have been developed (e.g. NIST, ISO/IEC), with the common goal of offering combined knowledge and proven guidance for protecting critical assets, infrastructure and information.

Featured Resources

 The CIS Critical Security Controls and Tripwire Solutions

Download White Paper

 Detailed Mapping of Tripwire Solutions and The CIS Controls

Download White Paper


Security controls themselves are technical safeguards and operational procedures that strengthen defenses against threats. They typically require the triad of people, process, and products.

The CIS Controls are a prioritized list designed to provide maximum benefits toward improving risk posture against real-world threats. This list of 20 control areas grew out of an international consortium of U.S and international agencies and experts, sharing from actual incidents and helping to keep it current against evolving global cyber security threats.  


Tripwire's solutions help organizations of all sizes and types quickly address the first four, truly foundational, security controls. Conquering the first four then lays the foundation for addressing additional controls—which Tripwire can also help with. Using Tripwire, enterprises can achieve accelerated progress on:

  • CSC 1 - Inventory of Authorized and Unauthorized Devices
  • CSC 2 - Inventory of Authorized and Unauthorized Software
  • CSC 3 - Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  • CSC 4 - Continuous Vulnerability Assessment and Remediation

Regardless of the security control framework your organization may be considering or has begun to implement, the CIS Controls are a flexible starting point, applicable to nearly any organization regardless of size, industry, geography or government/commercial. See how Tripwire can help you make rapid progress in establishing a strategy, quickly implementing and then measuring and reporting against your organization's goals.

Next-Generation Threat Protection

Your data and critical assets need advanced security and compliance. Tripwire makes the industry-leading threat protection software that can ensure that your data is safe. Get a product demo or contact our sales team to get Tripwire today.