Page 67 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022

According to the rivals, simple and effective mitigations include:

• TLSv1.3 adoption
• HTTP Strict-Transport-Security response header (HSTS headers)
• OWASP Top 10 (updated September 2021)
• Center for Internet Security (CIS) Critical Security Controls (v8 updated May 2021)



The taxonomy is an industry effort and a living document, maintained by Shared Assessments. It is the most recent result of a two-phase cooperative project led by the Shared Assessments Continuous Monitoring Working Group, established in 2017, which galvanized practitioners from over 55 member organizations. The first phase was published as an article in 2019, “Creating a Unified Continuous Monitoring Cybersecurity Taxonomy: Gaining Ground by Saying What’s What.” The second phase is the taxonomy itself.

A copy of the Shared Assessments Unified Third Party Continuous Monitoring Taxonomy can be obtained for free, and the SRS firms explain its benefits in the webinar Cybersecurity Taxonomy for Continuous Monitoring.







































