Harden your defenses with cybersecurity frameworks
Get industry best-practice guidance to improve your entire security effort
Elevate
your security response
with cybersecurity frameworks
Cybersecurity frameworks are policies and procedures designed to help you more effectively reduce security risk. Produced by authoritative industry and government organizations, they contain best-practice guidance for protecting critical infrastructure and data. In some industries, their use may be required for compliance.
Explore the frameworks on this page and learn how Infoblox solutions help you make the most of them.
“Cybersecurity frameworks bring a common vision to the objectives of cyberattackers and the step-by-step tactics and techniques they will use. This shared language enables you to communicate clearly with others in the cyberdefense community about exact details of a threat. It also provides a useful means for describing your current security controls and processes.”
Anthony James, VP of Product Marketing, Infoblox
U.S. National Institute of Standards and Technology (NIST) Framework
The U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) was designed to protect critical infrastructures like power plants and other essential public infrastructure from cyberattackers. The basic tenets of NIST CSF can apply to any organization to better improve and manage security. Several NIST standards cover cybersecurity.
ISO 27001 Information Security Management System Framework
The ISO/IEC 27001 and ISO/IEC 27002 are important standards that CISOs are using to address business risks and improve their overall cyberdefense. The ISO standards can help your organizations build a resilient information security framework to better meet current threats and rapidly adapt to new ones.
MITRE ATT&CK Framework
The MITRE ATT&CK Framework is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The knowledge base serves as a foundation for the development of specific threat models and methodologies in the private sector, in government and in the cybersecurity product and service community.
Zero Trust Framework
Forrester Research introduced the Zero Trust Framework about a decade ago. The baseline concept is that no users should ever be trusted even if they have been successfully granted access to internal networks. One of the key operational requirements of zero trust is to continually inspect, validate and verify all users and their traffic to critical and confidential data resources.
ISACA COBIT 2019 Framework for Governance and IT Management
The Information Systems Audit and Control Association (ISACA) association COBIT 2019 framework provides a blueprint that makes it easier and quicker for managers to gain alignment on IT governance and management issues and more rapidly realize the benefits of doing so.
Center for Internet Security Controls Framework
The framework is a set of defense-in-depth best practices assembled by IT experts based on their experience in countering cyberattacks. It enables organizations to improve the assessment of current threats and rapidly adapt to new ones. It will empower your security team to better share information about attacks and attackers, determine root causes and select and apply the right defense mitigation methods.
Cybersecurity Maturity Model Certification (CMMC) Framework
The CMMC is a U.S. Department of Defense regulation designed to ensure that the Controlled Unclassified Information (CUI) resident in the Defense Industrial Base networks and systems is adequately protected by security controls and related processes. It is mandatory for most defense contractors and their supply chains. Discover how foundational security from Infoblox helps you take full advantage of this framework.
Explore related products
Networking products
Core network services, including DDI: DNS, DHCP and IP address management
Networking products
Core network services, including DDI: DNS, DHCP and IP address management
Security products
Foundational security for anywhere protection
Security products
Foundational security for anywhere protection
Automation products
Tools to streamline modern networking and security
Automation products
Tools to streamline modern networking and security
Dive a little deeper
