SANS Top 20
Critical Controls for
Effective Cyber Defense
JANUARY 2014
WWW.LOGRHYTHM.COM
WWW.LOGRHYTHM.COM
PAGE 1
Description
The processes and tools used to track/control/
prevent/correct network access by devices
(computers, network components, printers,
anything with IP addresses) based on an asset
inventory of which devices are allowed to
connect to the network.
Continuous Vulnerability
Assessment and Remediation
WWW.LOGRHYTHM.COM
PAGE 2
Critical Control
5
Malware Defenses
Description
The processes and tools used to detect/prevent/
correct installation and execution of malicious
software on all devices.
WWW.LOGRHYTHM.COM
PAGE 3
Critical Control
Description
10
11
12
Controlled Use of
Administrative Privileges
WWW.LOGRHYTHM.COM
PAGE 4
Critical Control
13
14
Boundary Defense
Description
15
WWW.LOGRHYTHM.COM
PAGE 5
16
Critical Control
Description
17
18
19
WWW.LOGRHYTHM.COM
PAGE 6
Critical Control
20
Description
INFO@LOGRHYTHM.COM
PAGE 7
2014 LogRhythm Inc. | Whitepaper - SANS Top 20 Critical Controls for Cyber Defense