The First 5 CIS Controls
CSC 1: Inventory of Authorized and Unauthorized Devices.
CSC 2: Inventory of Authorized and Unauthorized Software.
CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers.
CSC 4: Continuous Vulnerability Assessment and Remediation.
CSC 5: Controlled Use of Administrative Privileges.
BelSecure model features
Automated, daily vulnerability assessment, including all Microsoft OS and application vulnerabilities, Adobe vulnerabilities, anti-virus status, and more.
Web portal architecture. WAN based operation. Single Intranet server and database.
Automatic comparison with NIST’s FDCC and USGCB checklists.
Automatically collects all of the configuration and vulnerability data into a central repository, or CMDB.
Helps automate security processes such as FISMA, HIPAA and FFIEC.
Securing the Enterprise – Cyber Security Myth & Reallity white paper
Enterprise-wide, standards-based, continuous monitoring of automated security controls.
Mapping the NIST SP 800-53 security controls to Belarc’s products white paper
Belarc's products monitor many of the technical controls in the NIST document referenced
Monitored Clients: Windows 10, 8, 7, Vista, and XP. BelManage offers both installable or agent-less solutions.
Server OS: Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 (64-bit or 32-bit), Windows Server 2003 (32-bit), or Windows 2000 Server.
Server Disk Space: 300 MB plus 1 MB per monitored client.
Server Database: MS SQL Server Express Edition (included); MS SQL Server 2014, 2012, 2008 R2, 2008, or 2005 (customer supplied option, no additional cost for interface module) or Oracle 11g or 10g (customer supplied option, additional € 5,000 cost for interface module).