Skip to content
    March 19, 2024

    Now Available: CIS Control Compliance Reports

    What are the CIS Critical Security Controls?

    The CIS (Center for Internet Security) Critical Security Controls, referred to as CIS Controls, are a set of best practices any organization can use to strengthen their cybersecurity posture.

    The CIS 18 are prioritized, easy to understand, and extremely cost-effective for small to mid-size organizations looking to prove they are secure enough to do business in today’s marketplace. I highly recommend starting with CIS in building your cybersecurity program.”

    – Jim Long, Managing Partner - The Long Law Firm, PLLC (Source: CIS)

    How Can Blumira Help With CIS Critical Security Controls?

    Complying with the CIS Controls can help protect organizations against security risks. With Blumira, you can easily meet and exceed CIS Control requirements for audit log management (CIS 8), network monitoring and defense, and much more.

    By regularly running and scheduling Blumira’s pre-built CIS Control reports, you can prove your compliance to an auditor for certain controls.

    Which Reports Map to Which CIS Critical Security Controls?

    See which Blumira reports map to which CIS Controls so you can easily hand over pre-built reports to your auditor to prove your compliance. Please note that each report is available for certain integrations, which are listed under each report below:

    CIS Critical Security Controls

    Blumira’s Global Reports

    CIS Control 3 – System Changes: Record critical configuration and policy changes

    CIS - Windows GPO Updates (Blumira)
    Available for: Windows

    CIS - Azure Policy Changes (ERW Inc)
    Available for: Azure

    CIS - Firewall Configuration Change 
    Available for: Fortigate, CiscoASA, Sonic Wall, Sophos XG

    CIS Control 4 – Privileged Access: Track access by administrators and power users

    CIS Controls - Administrator Access (Windows) 
    CIS Controls - Admin/root Access (Linux)
    Available for: Windows, Linux

    CIS Control 4 – Logins by Location: Spot access from unfamiliar regions

    CIS  - Logins from Outside the US
    CIS  - Logins from Outside the UK
    CIS  - Logins from Outside the AUS
    CIS  - Logins from Outside the CA
    Available for: Azure, Microsoft 365, Duo Security, Okta

    CIS Control 5 – Failed Logins: Identify brute force and other credential attacks

    CIS Controls - Failed Logins
    Available for: Windows, Linux, MacOS

    CIS Control 5 – Account Lockouts: Find accounts locked due to excessive failed logins

    CIS - Account Lockouts
    Available for: Windows

    CIS Control 6 – Log Tampering: Detect modifications or deletions of log data

    CIS Controls Log Tampering - Clearing of Windows Event Log
    CIS Controls Log Tampering - Clearing of Windows Security Event Log
    Available for: Windows

    CIS Control 9 – Firewall Traffic: Analyze allowed/blocked connections at perimeter

    CIS - Allowed Firewall Traffic
    CIS - Blocked Firewall Traffic

    CIS Control 12 – VPN Connections: Monitor remote access methods and users

    CIS Controls - VPN Connections 
    Available for: Fortigate, Cisco ASA, WatchGuard, GlobalProtect, Sonic Wall, Sophos

    CIS Control 16 – Password Resets: Track password changes for awareness of compromised accounts

    CIS - Password Change
    Available for: Windows

    CIS - Azure Password Change
    Available for: Azure

    CIS Control 18 – USB Device Usage: Detect unauthorized devices plugged into endpoints

    CIS - USB Device Attached
    Available for: Windows

    CIS Controls - Mounted Device
    CIS Controls - USB Device Attached 
    Available for: MacOS

    CIS Control 19 – IDS/IPS Alerts: Identify potential intrusion attempts and malware

    CIS – IDS/IPS Alerts
    Available for: Fortigate, Sonic Wall, Palo Alto, Checkpoint, Sophos XG

    How Can I Access the CIS Reports?

    Blumira customers can use global and saved reports to easily access CIS Control reports, as well as many other reports to analyze the logged events that you send Blumira. 

    To view a CIS global report or one of your saved reports, follow these easy steps:

    1. Navigate to Reporting > Report Builder.Click to open the additional options menu (the three dot menu seen on the right side).
    2. Click Load Saved Report
    3. Type CIS into the search box at the top of the Saved Reports screen.
    4. In the Saved Reports window, click the report that you want to use, ensuring that it matches your integrated data source(s).

    Get more tips on how to use Blumira’s Report Builder in our documentation article, Using global and saved reports. Watch the video below to learn more about using Report Builder:

    A list of Blumira Reports

    Blumira For Compliance: Easy & Effective Security For SMBs

    It’s easy to help meet or support multiple compliance controls using Blumira’s SIEM + XDR platform. Time-strapped IT teams can do more with one solution that combines SIEM, endpoint visibility and automated response. See our other posts on NIST compliance reports, ISO reports, and the different compliance frameworks we support.

    There’s a few different ways you can get started with Blumira:

    • Free SIEM – Choose up to 3 cloud integrations, set up in minutes, send logs to Blumira and start seeing security value right away. Our Free SIEM gives you a limited version of our product with 14 days of data retention.
    • Try SIEM + XDR Free – Get a trial of Blumira’s XDR edition up and running to experience the complete SIEM, endpoint visibility and automated response platform. Contact us to set up an XDR trial.
    • See a Demo – Not ready to try Blumira yet? Watch our product demo video or contact our team to walk through a demo of Blumira’s XDR Platform to get all of your questions answered.

    Are you an MSP? Check out our MSP Program with NFR licensing for partners.

    Thu Pham

    Thu has over 15 years of experience in the information security and technology industries. Prior to joining Blumira, she held both content and product marketing roles at Duo Security, leading go-to-market (GTM) and messaging for the portfolio solution Cisco Zero Trust. She holds a bachelor of science degree in...

    More from the blog

    View All Posts