What is the CIS Top 20?

The Center for Internet Security’s Critical Security Controls (CIS Controls) are a prioritized set of actions that represent global best practices for cybersecurity.

A response to the volume of contradictory information available to security practitioners, the CIS Controls focus on vital actions to secure network infrastructures.

The CIS Top 20 Controls answer questions about:

  • The most critical areas to address
  • How to take the first step to mature a risk management program
  • How to get on track with a roadmap of fundamentals
  • Defensive steps that have the greatest value

The CIS Controls are not just another list of good things to do, but a highly-focused set of actions that are implementable, usable, scalable, and compliant with all industry or government security requirements.

While no one product can help with all 20 controls, RedSeal’s platform can help you implement aspects of 17 of the CIS Top 20 controls. RedSeal’s unique ability to model your network and understand all access paths are the foundation for a strong CIS Top 20 based security program.

What follows is a description of how RedSeal maps to the CIS Top 20 controls.

CIS Top 20 Controls


Test Drive RedSeal Stratus—the worlds's most accurate and actionable access and exposure CSPM tool -Sign Up