nCircle Solutions
nCircle Supports the Consensus Audit Guidelines
The Consensus Audit Guidelines are specific information security controls designed to help enterprises and federal agencies improve the security of their networks at a much lower cost than existing methods. The controls allow those responsible for compliance and those responsible for security to agree, for the first time, on what needs to be done to make systems safer. Developed by a diverse working group of federal and commercial representatives, the Guidelines are comprised of twenty security controls, fifteen of which can be monitored automatically and continuously. Of the 15, nCircle Suite360™ can fully or partially automate 14 of the 15.
Mapping nCircle’s Support for the Consensus Audit Guidelines
Below is a chart mapping CAG requirements to nCircle capabilities. Detailed descriptions of nCircle’s capabilities for each covered control are available in nCircle Solutions for Automating the Consensus Audit Guidelines Critical Security Controls. nCircle is also included on the SANS 20 Critical Controls User Vetted Tools list with case studies included.
| Consensus Audit Guidelines Control | nCircle
|
|---|---|
| 1: Inventory of Authorized and Unauthorized Devices |  |
| 2: Inventory of Authorized and Unauthorized Software | |
| 3: Secure Configurations for Hardware & Software on Laptops, Workstations, and Servers | |
| 4: Continuous Vulnerability Assessment and Remediation | |
| 5: Malware Defenses | |
| 6: Application Software Security | |
| 7: Wireless Device Control | |
| 8: Data Recovery Capability | |
| 9: Security Skills Assessment and Appropriate Training to Fill Gaps | |
| 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches | |
| 11: Limitation and Control of Network Ports, Protocols and Services | |
| 12: Controlled Use of Administrative Privileges | |
| 13: Boundary Defense | |
| 14: Maintenance, Monitoring and Analysis of Audit Logs | |
| 15: Controlled Access Based On the Need to Know | |
