CIS Controls v8

CIS 10 Malware Defenses

Starts in IG1 | Prevent, detect, and contain malware activity.

Implementation Actions

Deploy endpoint protections.
Restrict script/macro abuse.
Tune malware response playbooks.

Evidence Examples

Endpoint coverage records
Malware event reports
Execution control policies

Suggested Metrics

Protected endpoint coverage
Malware containment time

Navigation

Back to All 18 CIS Controls NIST CSF 2.0 Guidance FedRAMP Guidance Cybersecurity Glossary