SANS 20 Critical Controls for Effective Cyber Defense: Consensus Audit Guidelines (CAG)

The SANS 20 Critical Controls identifies a subset of security controls that CISOs, CIOs, and IGs can focus on as their top, shared priority for cyber security attacks. The process of gathering these specific controls and sub-controls focused on identifying the highest priority defenses and represents a subset of controls found in other audit guidelines and documents.

SAINT is included on the SANS 20 Critical Controls User Vetted Tools List
Control #10 - Continuous Vulnerability Assessment and Remediation

SAINT customers use SAINT’s capabilities to provide automated support to Control #10 – Continuous Vulnerability Assessment and Remediation:

  • SAINT features scheduling of daily, weekly, monthly, or quarterly scans, and automatic updates by SAINTexpress.
  • SAINT features authenticated scanning using a Windows domain administrator account and/or a UNIX/Linux SSH account, and a credentials manager to facilitate the storage of multiple sets of credentials.
  • SAINTwriter features trend reports, which provide a historical comparison of scan results, and indicate new vs. pre-existing vulnerabilities.
  • Custom reports in SAINTwriter can be generated to chart results, by network.
  • SAINTmanager allows setting of due dates for tickets, and features automatic e-mail notification of overdue tickets.
Contact SAINT Sales