温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.ssh.com/academy/compliance/sans-top-20
点击访问原文链接

SANS top 20 controls relate to SSH key based access

进入原网站 导航首页
SANS top 20 controls relate to SSH key based access About us Investors Partners Careers Solutions SOLUTIONS Zero Trust Suite Quantum-Safe Cryptography (QSC) SalaX Secure Collaboration Security Risk Assessment, Quantification & Mitigation By Topic Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & multi-cloud access management Interactive tour: Privileged Access in the Cloud M2M connections IT Audits & Compliance Secure file transfer By Industry Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Products SECURE ACCESS & SECRETS MANAGEMENT SECURE FILE TRANSFER & ENCRYPTION NQX™ quantum-ready encryption Tectia™ SSH Client/Server Tectia™ z/OS SalaX Secure Collaboration Secure Mail 2024 Secure Messaging 2024 SalaX Secure Collaboration Solutions SOLUTIONS PrivX Zero Trust Suite SalaX Secure Collaboration Strong ID-based access with Entra ID & Zero Trust Suite Quantum-Safe Cryptography (QSC) Security Risk Assessment, Quantification & Mitigation Device trust & access and identity verification Identity-based authentication & converged IAM and PAM TOPICS Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & Multi-Cloud Access Management Interactive tour: Privileged Access in the Cloud M2M Connections Management IT Audits & Compliance Secure File Transfer INDUSTRIES Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Healthcare Data Security OT Security IT/OT convergence of data & systems Zero Trust Access and ZSP Workflow approvals Secure remote access  Secure patch management  OT Compliance Discovery and threat intelligence Phishing-resistant MFA & device trust Products SalaX SECURE COLLABORATION Secure Mail Secure Messaging Secure Sign SalaX Secure Collaboration FQX File Encryptor SECURE ACCESS & SECRETS MANAGEMENT PrivX™ PAM PrivX™ OT Edition PrivX Key Manager SECURE FILE TRANSFER & ENCRYPTION Tectia™ SSH Server Tectia™ SSH Server for IBM z/OS PrivX Desktop NQX™ quantum-safe encryption Services SSH Risk Assessment™ Professional Services Support Contact us Customer cases PrivX Zero Trust PAM Enterprise Key Management UKM Tectia SFTP for servers & mainframes SSH Secure Collaboration Resources SSH Academy Content library Blog References Press releases Downloads Manuals Events & Webinars Media Legal Report a vulnerability Solutions SOLUTIONS PrivX Zero Trust Suite SalaX Secure Collaboration Strong ID-based access with Entra ID & Zero Trust Suite Quantum-Safe Cryptography (QSC) Security Risk Assessment, Quantification & Mitigation Device trust & access and identity verification Identity-based authentication & converged IAM and PAM TOPICS Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & Multi-Cloud Access Management Interactive tour: Privileged Access in the Cloud M2M Connections Management IT Audits & Compliance Secure File Transfer INDUSTRIES Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Healthcare Data Security OT Security IT/OT convergence of data & systems Zero Trust Access and ZSP Workflow approvals Secure remote access  Secure patch management  OT Compliance Discovery and threat intelligence Phishing-resistant MFA & device trust Products SalaX SECURE COLLABORATION Secure Mail Secure Messaging Secure Sign SalaX Secure Collaboration FQX File Encryptor SECURE ACCESS & SECRETS MANAGEMENT PrivX™ PAM PrivX™ OT Edition PrivX Key Manager SECURE FILE TRANSFER & ENCRYPTION Tectia™ SSH Server Tectia™ SSH Server for IBM z/OS PrivX Desktop NQX™ quantum-safe encryption Services SSH Risk Assessment™ Professional Services Support Contact us Customer cases PrivX Zero Trust PAM Enterprise Key Management UKM Tectia SFTP for servers & mainframes SSH Secure Collaboration Resources SSH Academy Content library Blog References Press releases Downloads Manuals Events & Webinars Media Legal Report a vulnerability About us Investors Partners Careers SSH Academy Cloud Cloud Access Management Cloud Applications Cloud Computing Cloud Computing Models Cloud Computing Pros and Cons Cloud Computing Security Cloud Computing Services: Characteristics Cloud Infrastructure Entitlement Management (CIEM) Cloud Security Buyer's Guide Cloud Security Maturity Model Cloud Service Providers IaaS Immutable Infrastructure in Modern IT PaaS SaaS Virtualization Technology Compliance Cybersecurity Compliance Basics of SSH Compliance Basics of SSH Key Compliance Basel III Digital Operational Resilience Act (DORA) Ensuring ISO 27001 with PAM Fips 200 GDPR HIPAA ISACA ISO 27001 NIS Directive A Guide to NIS2 Directive NIST Cybersecurity Framework NIST 2.0 Cybersecurity Framework NIST 7966 NIST 800-53 PCI-DSS Sans Top 20 Sarbanes Oxley Understanding PAM Standards Cryptography Cryptography Explained Cryptography and the Quantum Threat Encryption Key Management Private & Public Keys Quantum Computing & Post-Quantum Algorithms What is File Encryption? Identity and Access Management (IAM) What is Identity and Access Management (IAM)? What is IAM Zero Trust Framework? What is Zero Trust Network Access (ZTNA)? A Guide to Zero Trust Architecture Active Directory Entra ID by Microsoft Ephemeral Certificates & Ephemeral Access Gartner CARTA How PAM Complements Existing IAM IAM vs PAM Identity Governance and Administration (IGA) Identity Management Jump Server Just-in-Time Access Just-in-Time Security Tokens Key IAM Concepts for IT Professionals Multi-Factor Authentication (MFA) OpenID Connect (OIDC) Privileged Identity Management (PIM) Radius Sudo User Account Types User IDs Unified IAM-PAM solution Internet of Things (IoT) IoT Security IoT: Accessing IoT devices for SSH What is IIoT? Operational Technology What is OT Security? Best OT Security Solutions Best Practices for Secure Remote OT Access Critical Infrastructure Cybersecurity: Key Concepts Explained How to Safeguard Your OT Network Without Separate IT/OT Solutions How to Secure IoT and OT Systems: A Practical Guide ICS OT Security Industrial Automation Cybersecurity: Key Considerations and Risks IT vs OT Navigating OT Security Standards OT, ICS, SCADA explained OT Risk Management: What It Is and Why You Need It OT Security Assessment OT Security Best Practices OT Security Essentials OT Governance: Key Principles for Effective Implementation PAM and IACS Integration PAM & IEC 62443 Access Control Standards PAM for Energy Sector PAM for Manufacturing PrivX for Energy Sector PrivX for Forestry Industry Remote Diagnostics for Ships Remote Maintenance of Pulp&Paper Machines SCADA Security Essentials: Your Need-to-Know Guide What Is OT Monitoring and Why Is It Important? What is the IT/OT Convergence? Why Is Zero Trust Access Important in OT? Password and Secrets Management A Guide to Passwordless and Keyless Authentication Break-Glass Access Credential Management System Password and Key Rotation Password Attack Types Password Generator Password Strength Best Practices Password Vaults Passwordless Authentication - Advantages Passwordless Authentication - Implementation Passwordless Explained pt. 1 Passwordless Explained pt. 2 Secrets Management Guide Secrets Vault Zero Standing Privileges (ZSP) Privileged Access Management AI in PAM for Predictive Security Automating PAM Best PAM Solutions 2025 Comparing PAM Solutions Challenges in Cross-Platform PAM Integrating PAM with SIEM KPIs for PAM Least Privilege PAM Best Practices PAM Checklist PAM Enhances Remote Work Security PAM Lifecycle Management PAM Vendors: Must-Have Capabilities for Effective Access Control Privileged Access Management (PAM) Privileged Access Management (PAM) in the Cloud PrivX MFA The Strategic Role of PAM PAM - IT Benefits for Different Industries PAM for Pharmaceuticals Data Security PAM for Healthcare PrivX PA; for Financial Industry Data PrivX PAM for Government and Public Sector PrivX PAM for Healthcare Industry PrivX PAM for Manufacturing PrivX PAM for Media and Entertainment Industry PrivX PAM for Pharmaceutical and Biotechnology Data Privileged Accounts and Sessions Privilege Elevation and Delegation Management Privileged Account PrivX Against Privileged Account Hijacking Privileged Account and Session Management (PASM) Root Accounts Public Key Infrastructure (PKI) What is Public Key Infrastructure (PKI)? PKI Background PKI Certificates X.509 Certificates Secure Information Sharing (SIS) Business Email Compromise (BEC) Business Email Compromise: How to Prevent BEC Attacks Digital Signatures Email Phishing Enterprise Email Security Secure Data Sharing Secure Email Gateways (SEGs) Secure Shell (SSH) What is Secure Shell (SSH)? What is the Secure Shell (SSH) Protocol? Automated M2M Connections Network Monitoring OpenSSH OpenSSH Server Process (SSHD) Port 22 Remote File Copy (RCP) Remote Login (rlogin) Remote Shell (RSH) Secure File Copy (SCP) Session Key Single Sign-On (SSO) Using SSH Agent SSH Command SSH Configuration SSH for Windows SSH Software Downloads SSH Server SSH Server Configuration Tectia SSH Server Telnet WinSCP SSH protocol Vs Microsoft: A Comprehensive Guide Security Orchestration Basics of Security Orchestration Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Security Operations Center (SOC) Security Orchestration, Automation, and Response (SOAR) SFTP & Secure Remote Access File Transfer Protocol (FTP) Clients File Transfer Protocol (FTP) Legacy File Transfer Protocol (FTP) Servers Obsolescent Secure File Transfer Protocol (FTPS) Secure Remote Access (SRA) SSH File Transfer Protocol (SFTP) SSH Clients What are SSH Clients? Tectia SSH Client PuTTY Background PuTTY Download PuTTY for Linux PuTTY for Mac PuTTY for Windows PuTTY for Windows Installation PuTTY Public Keys PuTTYgen for Linux PuTTYgen for Windows SSH Keys A Basic Overview of SSH Keys Authorized Key Authorized Keys File Authorized Keys in OpenSSH CAC and PIV Smartcards Copy ID Passphrase Passphrase Generator Public Key Authentication SSH Host Key SSH Key SSH Key Identities SSH Key Management SSH Key Proliferation SSH Keys for SSO SSH Keygen SSH Tunneling SSH Tunneling SSH Tunneling Example Hacks, Threats & Vulnerabilities BothanSpy & Gyrafalcon Breaches in Operational Technology Breaches Involving Passwords & Credentials GoScanSSH Malware Man-in-the-Middle Prevent Data Exfiltration with PrivX PAM PrivX PAM Against Malware & Ransomware Password Sniffing SANS top 20 controls relate to SSH key based access Contents What are the SANS 20 controls SANS Top 20 critical security controls and SSH SANS controls and SSH guidance Recommendations Further reading What are the SANS 20 controls The SANS CIS Critical Security Controls (SANS CIS) are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. The controls are applicable for all kinds of business and IT organizations, and they analyze all the data about attacks and intrusions. The objective of the SANS CIS top 20 Controls is to protect your critical assets, infrastructure, and information. The controls will help identify your network vulnerabilities, strength your organization’s defensive posture and to monitor of your sensitive information. Benefits include (to name a few):

compromises will be reduced,

the need for recovery efforts will be minimized,

and the associated costs will be cut down.

SANS CIS suggests that you conduct a security control gap assessment to compare your organization’s current security stance to the detailed recommendations of the critical controls. SSH communication solutions support your gap assessment effort and offers up reports that further confirms the effectiveness of your access controls. Additionally, our solutions are key to the organizations’ provisioning systems and access governance processes.

SANS Top 20 critical security controls and SSH Information security is a complex and multi-faceted topic. Security requires attention on multiple levels, all the way from individual users and applications and down to the level of systems and networks. While some aspects of information security have all along been in focus and under tight security scrutiny, there are also areas that have received less attention. The user- and application-level identity and security management appears to be an area that the security industry players have placed their emphasis on, while system-level issues have traditionally seen less attention.

Given the purpose of SANS CIS CSC which is defensive actions to stop dangerous cyberattacks, the SSH protocol contributes to the defense bottom line by:

Scanning and detecting the network such as IP addresses and identify hosts based on analyzing their traffic. In this way, both authorized and unauthorized devices and system would be detected.

Encrypting traffic between two end points, and supporting the protection of secure access.

Is a secure alternative/replacement for older tools (telnet, FTP, rsh, etc.) that prevents unauthorized access to the network which could lead to security breach.

Ensuring only authorized users access to the system.

Securing mission critical backups and business continuity processes.

Most of all, preventing man-in-the middle attacks, and provide a secure network environment.

SANS controls and SSH guidance Many of the SANS CIS CSC are directly or indirectly impacted by your SSH key deployment. The following table highlights a few best practices and security control implementations that will help to ensure your compliance with SANS CIS:

SANS CIS Control description SSH Guidance 1.4 Maintain an asset inventory of all systems connected to the network and the network devices themselves, recording at least the network addresses, machine name(s), purpose of each system, an asset owner responsible for each device, and the department associated with each device. Our solutions maintain inventory of keys and host information. 4.3 Perform vulnerability scanning in authenticated mode either with agents running locally on each end system to analyze the security configuration or with remote scanners that are given administrative rights on the system being tested. Our solutions provide vulnerability scans for SSH key strengths, age, operating system versions and SSH versions. Additionally, they identify versions with known vulnerabilities. 8.1 Employ automated tools to continuously monitor workstations, servers, and mobile devices with anti-virus, anti-spyware, personal firewalls, and host-based IPS functionality. All malware detection events should be sent to enterprise anti-malware administration tools and event log servers. Our solutions monitor incoming and outgoing traffic real time and alerts appropriate security monitoring tools (DLPs, SEM, SIEM, ...). 12.1 Deny communications with (or limit data ow to) known malicious IP addresses (black lists), or limit access only to trusted sites (whitelists). Tests can be periodically carried out by sending packets from bogon source IP addresses (non-routable or otherwise unused IP addresses) into the network to verify that they are not transmitted through network perimeters. Our solutions monitor, audit and control encrypted privileged access. Our products also enhance logical access controls and support the defined roles and responsibilities. Therefore, access is granted only for approved roles including SSH access. 14.4 All information stored on systems shall be protected with le system, network share, claims, application, or database specific access control lists. These controls will enforce the principal that only authorized individuals should have access to the information based on their need to access the information as a part of their responsibilities. Our solutions monitor, audit and control encrypted privileged access. Our products also enhance logical access controls and support the defined roles and responsibilities. Therefore, access is granted only for approved roles including SSH access. 16.1 Review all system accounts and disable any account that cannot be associated with a business process and owner. Our solutions enhance the logical access controls and support the defined roles and responsibilities. Access is granted only for approved roles. Recommendations The consequences of cyber-attacks are very severe since unauthorized individuals can gain access to private networks to steal important and sensitive data. Organizations should pay attention to critical security controls to ensure unauthorized devices and individuals are blocked from accessing or connecting to systems.

The CIS Controls are particularly significant because they are upgraded by digital specialists taking into account real threat information pulled from various open and private danger sources. Professionals from different associations joined their insight to make this agreement of controls, and it is an incredible reference point for any association hoping to enhance their data security stance. The superiority of SANS CIS Control is the prioritization. The Controls are intended to help organizations define the starting points for their defenses by guiding them to perform vulnerability assessments. Additionally, the Controls will direct organizations focus on the risks that are unique to their business and provide suggestions and methods for them to pay attention. As a result, organizations will receive immediate and high-value results by taking on actions followed the instructions of the SANS CIS Controls.

Organizations should improve their security processes by including the numerous existing SSH identities as part of their overall identity and access management practices. Because lack of understanding how SSH is deployed and managed could lead severe consequences, your system could be attacked by unauthorized individuals, and your organizations are also under a risk of compliance perspective.

SSH Communications Security products contribute to ensuring all controls states are implemented effectively. By using the products with proper deployment and configuration, organizations will be able to enhance their security procedures further. The SSH Communications Security tools will also detect the authorized and unauthorized devices to make sure only authorized devices connect to the system. By detecting into the secure connections and transmissions across your system, our product would evaluate, monitor and remediate all risks that associated with your SSH infrastructure. Thus, your organization will be on the progressing of achieving continuous compliance.

Further reading SANS 2016 poster on the top-20 critical controls

Compliance White Paper - SSH and SANS Security

 

SSH is a leading defensive cybersecurity company that secures communications between humans, systems, and networks. We specialize in Zero Trust Privileged Access Controls and Quantum Safe Network Security. Our customers include a diverse range of enterprises, from multiple Fortune 500 companies to SMBs across various sectors such as Finance, Retail, Technology, Industrial, Healthcare, and Government. 25% of Fortune 100 companies rely on SSH’s solutions. Recent strategic focus has expanded SSH business to Defence, Critical Infrastructure Operators, Manufacturing OT Security and Public Safety.

Leonardo S.p.A invests 20.0 million EUR in SSH, becoming the largest shareholder of the company. SSH solutions form a Center of Excellence for Zero Trust privileged access management and quantum-safe network encryption in Leonardo - a global industrial group that creates multi-domain technological capabilities in the Aerospace, Defence and Security sector with 17.8 billion EUR revenue in 2024. SSH company’s shares (SSH1V) are listed on Nasdaq Helsinki.

 

Solutions Zero Trust Suite Zero Trust Suite & Entra ID Integration Quantum-Safe Cryptography (QSC) SalaX Secure Collaboration Security Risk Mitigation OT security MSP Security Device Trust Monitoring & Threat Intelligence Credentials & Secrets Management IT Audits & Compliance Products PrivX™ Hybrid PAM PrivX Key Manager Tectia SSH Client/Server™ Tectia™ z/OS Secure Messaging Secure Mail Secure Sign NQX™ Quantum-Safe Services SSH Risk Assessment™ Professional Services Support Resources Careers References Downloads Manuals Events & Webinars Blog Company About us Contact Investors Partners Press Stay on top of the latest in cybersecurity Be the first to know about SSH’s new solutions, product updates, new features, and other SSH news!

Thanks for submitting the form. © Copyright SSH • 2025 • Legal

智能索引记录