Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Insights to Control Framework Mapping: Software Support

Ingrid

Refer to the following Software Support insights and assessments and how they're mapped to CIS v7 and CIS v8 controls for Control Insights:

No Abandoned Software

The lack of abandoned software indicates effective control of managing and discontinuing software products.

At least one event of the following event types was detected: [Configuration Management System in Use]

Assessment

insight-effective.png Positive

Observations

CIS v8 Controls CIS v7 Controls

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Establish and Maintain a Software Inventory
  • 2.2 Ensure Authorized Software is Currently Supported
  • 2.3 Address Unauthorized Software

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Maintain Inventory of Authorized Software
  • 2.2 Ensure Software is Supported by Vendor
  • 2.6 Address Unapproved Software

Abandoned Software

The presence of abandoned software indicates ineffective control of managing and discontinuing software products

The ratio of events of type [Abandoned Software] by type [Desktop Endpoint, Mobile Endpoint, Open Port] is above 0.01%

Assessment

insight-ineffective.png Negative

Observations

CIS v8 Controls CIS v7 Controls

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Establish and Maintain a Software Inventory
  • 2.2 Ensure Authorized Software is Currently Supported
  • 2.3 Address Unauthorized Software

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Maintain Inventory of Authorized Software
  • 2.2 Ensure Software is Supported by Vendor
  • 2.3 Utilize Software Inventory Tools
  • 2.6 Address Unapproved Software

Unsupported Server Software

The presence of unsupported server software indicates ineffective control of network assets and the software life cycle

The ratio of events of type [Unsupported Server Software] by type [HTTP Service, HTTPS Service] is above 10.0%

Assessment

insight-ineffective.png Negative

Observations

CIS v8 Controls CIS v7 Controls

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Establish and Maintain a Software Inventory
  • 2.2 Ensure Authorized Software is Currently Supported
  • 2.3 Address Unauthorized Software

Controls

2 Inventory and Control of Software Assets

Safeguards

  • 2.1 Maintain Inventory of Authorized Software
  • 2.2 Ensure Software is Supported by Vendor
  • 2.3 Utilize Software Inventory Tools
  • 2.4 Track Software Inventory Information
  • 2.6 Address Unapproved Software
  • April 1, 2025: Published.

Related articles

Feedback

0 comments

Please sign in to leave a comment.