MCP.directory

cis-controls

by Hack23
2
0
Source

Implement CIS Controls v8 critical security controls for effective cyber defense in CIA platform

Install

mkdir -p .claude/skills/cis-controls && curl -L -o skill.zip "https://mcp.directory/api/skills/download/3695" && unzip -o skill.zip -d .claude/skills/cis-controls && rm skill.zip

Installs to .claude/skills/cis-controls

About this skill

CIS Controls v8 Implementation Skill

Purpose

Implement prioritized CIS Controls for cyber defense, focusing on high-impact security controls.

When to Use

  • ✅ Security hardening activities
  • ✅ Compliance assessments
  • ✅ Security baseline establishment
  • ✅ Vendor security reviews

Critical CIS Controls

Control 1: Inventory and Control of Enterprise Assets

# Maintain asset inventory
aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId,Tags[?Key==`Name`].Value|[0],State.Name]' --output table

# Tag all resources
aws ec2 create-tags --resources i-1234567890abcdef0 --tags Key=Application,Value=CIA Key=Environment,Value=Production

Control 2: Inventory and Control of Software Assets

<!-- Track all dependencies in pom.xml -->
<dependencies>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc</artifactId>
        <version>${spring.version}</version> <!-- Version via parent property -->
    </dependency>
</dependencies>

Control 3: Data Protection

@Service
public class DataProtectionService {
    @Autowired
    private BytesEncryptor encryptor;
    
    public void protectSensitiveData(SensitiveData data) {
        // Encrypt at rest
        data.setEncryptedContent(encryptor.encrypt(data.getPlainContent()));
        
        // Classify data
        data.setClassification(DataClassification.CONFIDENTIAL);
        
        // Set retention period
        data.setRetentionUntil(LocalDate.now().plusYears(7));
        
        dataRepository.save(data);
    }
}

Control 4: Secure Configuration

# application-production.yml - Secure defaults
spring:
  security:
    user:
      name: ${ADMIN_USERNAME}
      password: ${ADMIN_PASSWORD}
  
server:
  port: 8443
  ssl:
    enabled: true
  error:
    include-stacktrace: never

Control 5: Account Management

@Service
public class AccountManagementService {
    
    @Scheduled(cron = "0 0 2 * * *") // Daily at 2 AM
    public void reviewAccounts() {
        // Disable inactive accounts
        List<User> inactiveUsers = userRepository.findInactiveSince(
            LocalDateTime.now().minusDays(90)
        );
        
        inactiveUsers.forEach(user -> {
            user.setEnabled(false);
            auditLog.log("Account disabled due to inactivity: " + user.getUsername());
        });
        
        userRepository.saveAll(inactiveUsers);
    }
}

Control 6: Access Control Management

@PreAuthorize("hasRole('ADMIN')")
public void deleteUser(String userId) {
    // Enforce least privilege
    auditLogger.logPrivilegedAction("DELETE_USER", userId);
    userRepository.deleteById(userId);
}

Control 8: Audit Log Management

@Aspect
@Component
public class AuditLoggingAspect {
    @Around("@annotation(Audited)")
    public Object auditMethod(ProceedingJoinPoint joinPoint) throws Throwable {
        String action = joinPoint.getSignature().getName();
        String user = SecurityContextHolder.getContext().getAuthentication().getName();
        
        auditLog.info("Action: {}, User: {}, Timestamp: {}", 
            action, user, Instant.now());
        
        return joinPoint.proceed();
    }
}

Control 16: Application Software Security

# Security scanning in CI/CD
mvn org.owasp:dependency-check-maven:check
mvn sonar:sonar -Dsonar.qualitygate.wait=true

Implementation Priority

  1. IG1 (Implementation Group 1) - Essential for all organizations

    • Controls 1-6: Basic cyber hygiene

  2. IG2 - Additional controls for medium-sized organizations

    • Controls 7-16: Enhanced security

  3. IG3 - Comprehensive controls for large organizations

    • Controls 17-18: Advanced/specialized

Hack23 ISMS Policy References

CIS Controls Implementation:

All Hack23 ISMS Policies: https://github.com/Hack23/ISMS-PUBLIC

CIA Platform Architecture References

References

You might also like

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

644969

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

593705

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

319400

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

341398

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

454339

fastapi-templates

wshobson

Create production-ready FastAPI projects with async patterns, dependency injection, and comprehensive error handling. Use when building new FastAPI applications or setting up backend API projects.

304231

Related MCP Servers

Browse all servers
Google GenAI ToolboxGoogle GenAI Toolbox

MCP Toolbox for Databases by Google. An open-source server that lets AI agents query Cloud SQL, Spanner, AlloyDB, and ot

13,3270 tools
CLICLI

Use CLI, a secure shell client for Windows, to safely execute commands via SSH secure shell with advanced security contr

401 tools
arch-linux-mcparch-linux-mcp

High-performance Arch Linux MCP server — Model Context Protocol implementation for lightweight, secure, and custom deplo

3222 tools
AIM GuardAIM Guard

Protect your MCP with AIM Guard—advanced threat detection software for unauthorized access, botnet, and malware detectio

196 tools
TerminalTerminal

Terminal offers a secure terminal server for executing approved shell commands with robust resource controls and advance

80 tools
XcodeXcode

Automate Xcode project builds, scheme management, and error checks using AppleScript with secure path controls and macOS

425 tools

Stay ahead of the MCP ecosystem

Get weekly updates on new skills and servers.