IDENTIFY
Asset management
ID.AM-2
Software platforms and applications used within the organization are inventoried
Wallix recommendation
WALLIX can help by storing all critical targets/assets in the access management solution to have a general overview of the assets.
IDENTIFY
Asset management
ID.AM-3
Organizational communication and data flows are mapped
Wallix recommendation
WALLIX PAM enforces strict limitations on access to machines, data, and the execution of services or applications—ensuring that only authorized users can perform specific actions based on their roles. This supports the Principle of Least Privilege (PoLP)…
IDENTIFY
Asset management
ID.AM-5
Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value
Wallix recommendation
By leveraging the WALLIX PAM solution alongside our Risk Class Model, customers can assess and categorize assets based on their criticality—defining tailored policies for connection protocols, password complexity and rotation, and restrictions on executable code or commands.
IDENTIFY
Asset management
ID.AM-6
Cybersecurity roles, responsibilities, and authorities for the entire workforce and third-party stakeholders are established
Wallix recommendation
At WALLIX we offer an approach that aligns user roles with asset sensitivity and business continuity priorities that enables your organization to…
IDENTIFY
Business Environment
ID.BE-1
The organization’s role in the supply chain is identified and communicated
Wallix recommendation
PAM secures critical systems by controlling privileged accounts and monitoring their use. It helps map key dependencies and supports incident analysis with audit trails. PEDM lets users perform specific tasks without full admin rights, reducing risk and clarifying which privileged actions are truly necessary. IDaaS with MFA centralizes identity management and ensures strong authentication, showing how much critical services rely on secure, verified access. IAG manages who has access to what and regularly reviews it, ensuring permissions match actual needs and keeping unnecessary access in check.
In OT environments, PAM protects industrial systems by controlling who has privileged access, helping identify key dependencies and potential risks. PEDM allows users to perform only the tasks they need—like diagnostics—without full admin rights, reducing risk and clarifying what actions are truly critical. IDaaS with MFA secures access to OT systems by verifying the identity of users and devices, ensuring only authorized entities can interact with critical operations. IAG defines and regularly reviews who can access what, aligning access with operational needs and removing unnecessary permissions that could introduce risk.
IDENTIFY
Business Environment
ID.BE-2
The organization’s place in critical infrastructure and its industry sector is identified and communicated
Wallix recommendation
With PAM and the risk class model, organizations can classify their assets by risk level and define corresponding security policies. These policies may include restrictions on connection protocols, password strength and rotation, and limitations on executable code or commands.
Assets are categorized into four…
Critical infrastructure organizations must meet compliance requirements such as maintaining a full audit trail and managing all access based on a risk-based approach. WALLIX supports this by offering a risk class model tailored for customers with a strong focus on risk management, business continuity, and Zero Trust principles.
IDENTIFY
Business Environment
ID.BE-4
Dependencies and critical functions for delivery of critical services are established
Wallix recommendation
Securing critical services starts with controlling who gets in—and what they can do. PAM maps privileged access and tracks every move, while PEDM allows only the tasks that truly matter, without granting full admin rights. IDaaS with MFA ensures that only verified identities can reach your systems, and IAG keeps access aligned with real needs through role-based reviews.
IDENTIFY
Governance
ID.GV-2
Cybersecurity roles and responsibilities are coordinated and aligned with internal roles and external partners
Wallix recommendation
Role-based Privileged Access Management with WALLIX PAM ensures that different stakeholders—such as auditors, approvers, administrators, and users—have the appropriate level of access based on their roles. This structured approach enforces least privilege while maintaining operational efficiency.
IDENTIFY
Risk Assessment
ID.RA-6
Risk responses are identified and prioritized
Wallix recommendation
The WALLIX risk class model is designed for organizations with a strong focus on risk management, business continuity, and Zero Trust principles. Using WALLIX PAM…
IDENTIFY
Risk Management
ID.RM-1
Risk management processes are established, managed, and agreed to by organizational stakeholders
Wallix recommendation
The WALLIX risk class model is designed for organizations with a strong focus on risk management, business continuity, and Zero Trust principles. Using WALLIX PAM…
IDENTIFY
Supply Chain Risk
ID.SC-1
Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
Wallix recommendation
Securing the digital supply chain means controlling who has access—whether external vendors, contractors, or internal teams. With PAM and PEDM, organizations can enforce time-bound, least-privilege access. IDaaS with MFA adds strong authentication, while IAG ensures access aligns with defined roles and policies.
IDENTIFY
Supply Chain Risk
ID.SC-2
Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process
Wallix recommendation
The WALLIX PAM System has a profile-based infrastructure. One of the profiles/roles that are embedded in the system is the…
IDENTIFY
Supply Chain Risk
ID.SC-3
Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.
Wallix recommendation
PAM: Suppliers access the customer’s network via a PAM solution, with authorizations based on the Principle of Least Privilege (PoLP).
WALLIX IAG: Enables analysis and restriction of supplier and third-party access according to minimal access rights (ISO 27001:2022 – 5.20).
Audit: Includes audit modes to review…
PROTECT
Identity Management, Authentication and Access Control
PR.AC-1
Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users, and processes
Wallix recommendation
As part of a broader access control and information classification strategy, WALLIX IAG supports organizations in embedding identity governance within a continuous improvement cycle (Plan, Do, Check, Act).
Complementing IAG, WALLIX PAM enables organizations to implement approval workflows, including a four-eyes principle, ensuring all stakeholders are aware of and agree on access requests…
WALLIX PAM ensures each session is linked to the correct user, maintaining accountability and traceability. All authentication attempts—successful or failed—are logged for analysis. Access to critical systems is enforced through individual user credentials. With WALLIX PEDM, privilege elevation…
PROTECT
Identity Management, Authentication and Access Control
PR.AC-3
Remote access is managed
Wallix recommendation
Privileged Access Management (PAM) solutions control and audit remote privileged access with session recording, real-time monitoring, and secure protocol enforcement.
PEDM:
Limits elevated actions to approved commands/apps, reducing risk and supporting secure execution.
IDaaS:
Ensures only verified users access critical systems, enforcing strong authentication and encryption.
IAG:
Reviews and audits remote access rights, ensuring least privilege and compliance with cryptographic policies.
PAM provides centralized, role-based access control, ensuring users only access systems and data relevant to their roles. It enforces the principle of least privilege through fine-grained policies and session monitoring, while also supporting separation of duties via approval workflows—such as maker-checker models—to prevent a single user from initiating and approving high-risk actions.
OT
WALLIX PAM:
Secures remote vendor access with session recording, activity logging, and protocol-aware monitoring. Enforces VPN or encrypted channels for safe connections.
PEDM:
Grants limited, time-bound privileges for remote tasks—e.g., diagnostics without control changes—enhancing safety and auditability.
IDaaS:
Adds strong identity verification for remote OT access, enforcing secure protocols and encrypted authentication.
IAG:
Controls and reviews remote access rights to OT systems, ensuring necessity, policy compliance, and full auditability.
PROTECT
Identity Management, Authentication and Access Control
PR.AC-4
Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties
Wallix recommendation
PAM provides centralized, role-based access control, ensuring users only access systems and data relevant to their roles. It enforces the principle of least privilege through fine-grained policies and session monitoring, while also supporting separation of duties via approval workflows—such as maker-checker models—to prevent a single user from initiating and approving high-risk actions.
While WALLIX PEDM complements this by controlling privileged actions through temporary elevation (Just-In-Time), command restrictions, and…
PROTECT
Identity Management, Authentication and Access Control
PR.AC-5
Network integrity is protected (e.g., network segregation, network segmentation)
Wallix recommendation
WALLIX PAM ensures communication integrity with fully encrypted data flows and session content.
It further reinforces session integrity through:
- Session Monitoring: Real-time tracking of privileged sessions, including commands and user actions, to detect suspicious behavior.
- Session Control: Strict enforcement of who…
PROTECT
Identity Management, Authentication and Access Control
PR.AC-6
Identities are proofed and bound to credentials and asserted in interactions
Wallix recommendation
Ensuring that every user, device, and process has a unique, verified identity is foundational to secure access. IDaaS with MFA centralizes identity management and enforces strong authentication before granting access. PAM builds on this by managing privileged credentials and monitoring sessions tied to unique identifiers, creating a clear audit trail. IAG enforces policies around identity, ensuring access is granted only to authenticated, traceable entities.
PROTECT
Identity Management, Authentication and Access Control
PR.AC-7
Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)
Wallix recommendation
WALLIX IDaaS enables secure access to federated services and provides multi-factor authentication for WALLIX PAM and any other service supporting SAML or RADIUS.
PROTECT
Awareness and Training
PR.AT-1
All users are informed and trained
Wallix recommendation
WALLIX provides training programs for administrators and users on WALLIX solutions to make sure that the solutions are handled in a secure and professional manner.
PROTECT
Awareness and Training
PR.AT-3
Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities
Wallix recommendation
WALLIX PAM uses role-based authorizations to ensure only designated stakeholders can access specific systems. This prevents unauthorized access and clearly defines roles and responsibilities.
PROTECT
Data Security
PR.DS-2
Data-in-transit is protected
Wallix recommendation
PAM helps secure data in transit by controlling and monitoring who can initiate privileged sessions that handle critical information—often enforcing encrypted protocols to reduce interception risks.
IDaaS with MFA ensures that only verified users and devices can send or receive sensitive data, enforcing strong authentication and encrypted communication policies…
PROTECT
Data Security
PR.DS-4
Adequate capacity to ensure availability is maintained
Wallix recommendation
Harden the perimeter while ensuring secure, reliable access. WALLIX appliances are available in various hardware models to support different capacity needs, and software-based VMs can be tailored to fit the organization’s specific requirements.
PROTECT
Data Security
PR.DS-5
Protections against data leaks are implemented
Wallix recommendation
Limiting access is key to protecting sensitive data. PAM enforces least privilege, monitors sessions, and provides real-time visibility to detect suspicious activity. PEDM allows users to perform specific tasks without full admin rights, reducing the risk of unauthorized access or data leakage. IDaaS with MFA secures identities with strong authentication, even if primary credentials are compromised. IAG ensures access aligns with roles through regular reviews and audits, preventing privilege creep and insider threats…
PROTECT
Information Protection Processes and Procedures
PR.IP-1
A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)
Wallix recommendation
Organizations with a strong focus on risk management, business continuity, and Zero Trust can implement the WALLIX risk class model to strengthen their security posture. Using WALLIX PAM, customers classify assets into four risk levels (aligned with tiering or PURDUE zones) and define tailored policies for connection protocols, password strength and rotation, and restrictions on executable code or commands. These policies are developed collaboratively in customer workshops and then implemented using Infrastructure as Code (IaC).
PROTECT
Maintenance
PR.MA-1
Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools
Wallix recommendation
Native WALLIX PAM feature: Remote maintenance can be secured over the whole auditable trail of access – from the perimeter up to the endpoint/asset/target system.
PROTECT
Protective Technology
PR.PT-1
Audit/log records are determined, documented, implemented, and reviewed in accordance with policy
Wallix recommendation
Privileged Access Management (PAM):
PAM is a key source of audit logs for privileged activity. If it fails to generate or process logs, built-in health checks and alerts should trigger immediately. PAM should also monitor access to audit logs on other critical systems, flagging any tampering or log disablement attempts as potential threats.
Identity Access Governance (IAG):
IAG relies on audit data—including from PAM—to conduct access reviews and…
OT
WALLIX PAM monitors privileged access to ICS and OT network devices, generating audit logs essential for security and incident response. If audit processing fails, built-in health checks and alerts ensure visibility is maintained. PAM also protects access to OT audit logs, flagging any unauthorized tampering or log disablement attempts.
WALLIX IAG relies on audit data from PAM and other OT systems to manage access and detect risk. Failures to retrieve or process this data should…
PROTECT
Protective Technology
PR.PT-2
Removable media is protected and its use restricted according to policy
Wallix recommendation
WALLIX PEDM enforces control of mobile storage device usage, specifically restricting access and preventing both automatic and manual execution of code from such devices.
PROTECT
Protective Technology
PR.PT-4
Communications and control networks are protected
Wallix recommendation
PAM secures privileged accounts and access to external communication interfaces (e.g., firewalls, API gateways). It controls who can modify traffic flow rules and access logs, preserving policy integrity. Session monitoring provides an audit trail of changes—essential for reviewing exceptions.
IAG defines roles and enforces access to external communication interfaces, ensuring only authorized users can modify traffic policies. Approval workflows and audit logs track policy changes and exceptions, supporting accountability and compliance.
OT
PAM secures privileged access to external communication interfaces in OT environments (e.g., firewalls, data gateways). By controlling configuration access and monitoring sessions, PAM protects traffic flow policies and provides an audit trail for any changes or exceptions.
IAG defines and governs access to OT communication interfaces by assigning roles and enforcing approval workflows for policy changes. It ensures only authorized personnel can manage exceptions, with audit logs tracking responsibilities and approved modifications for full accountability.
PROTECT
Protective Technology
PR.PT-5
Mechanisms (e.g., failsafe, load balancing, hot swap) are implemented to achieve resilience requirements in normal and adverse situations
Wallix recommendation
WALLIX PAM can be configured in several HA modes (Active/Active, Active/Passive, and Failover for slow Internet connections).
DETECT
Anomalies and Events
DE.AE-2
Detected events are analyzed to understand attack targets and methods
Wallix recommendation
WALLIX securely logs all actions on target systems in a tamper-proof environment. With PEDM, logs are encrypted, safely stored, and can be forwarded to a SIEM for real-time alerts and centralized monitoring of remote access.
DETECT
Anomalies and Events
DE.AE-3
Event data are collected and correlated from multiple sources and sensors
Wallix recommendation
WALLIX PAM supports distinct roles (Auditor, Approver, Administrator, and User), each with defined privileges. Access to target systems is granted based on authorizations, specifying who can access which targets, how (protocols), and under what conditions (e.g. approval workflows). This aligns with ISO 27001:2022 control 5.24 on access management.
DETECT
Anomalies and Events
DE.AE-4
Impact of events is determined
Wallix recommendation
WALLIX provides a full audit trail of privileged activity, mapped to its risk class model to align access policies with asset criticality. Logs are securely stored and can be seamlessly integrated with SIEM and SOC platforms, enabling real-time alerting, centralized visibility, and faster incident response based on risk levels.
DETECT
Security Continuous Monitoring
DE.CM-1
The network is monitored to detect potential cybersecurity events
Wallix recommendation
WALLIX PAM enforces virtual network segmentation through authorization rules, ensuring users can only access permitted systems and assets. All user activity—including access to target systems—is fully monitored, with real-time auditing and…
DETECT
Security Continuous Monitoring
DE.CM-3
Personnel activity is monitored to detect potential cybersecurity events
Wallix recommendation
Native WALLIX PAM feature: Remote maintenance, as well as access by internal IT teams, can be secured over the whole auditable trail of access, from the perimeter up to the endpoint/asset/target system. Integration with third-party solutions such as a SIEM or a SOC is possible directly in the solution (for SIEM) and/or via REST API integration.
DETECT
Security Continuous Monitoring
DE.CM-7
Monitoring for unauthorized personnel, connections, devices, and software is performed
Wallix recommendation
Every action within WALLIX PAM is logged and fully auditable—including configuration changes, device onboarding, and user management. Events can be forwarded to a SIEM or SOC for analysis, monitoring, and alerting.
DETECT
Detection Processes
DE.DP-2
Detection activities comply with all applicable requirements
Wallix recommendation
WALLIX PAM and PEDM offer preventive and proactive controls rather than traditional detection. While features like Session Probe, PEDM, and pattern recognition can identify and block unauthorized commands, processes, or…
RESPOND
Communications
RS.CO-1
Personnel know their roles and order of operations when a response is needed
Wallix recommendation
WALLIX PAM’s role-based access model aligns with Zero Trust principles and the principle of least privilege. Roles are assigned to individuals based on their responsibilities, ensuring each user only has access to the systems and actions strictly necessary for their role within the organization.
RESPOND
Analysis
RS.AN-3
Forensics are performed
Wallix recommendation
Privileged Access Management (PAM) solutions are essential for forensic investigations involving privileged accounts. They capture detailed logs—including session recordings, keystrokes, command history, and file access—that provide a granular view of user activity. These records help reconstruct the timeline of events involving privileged access…
OT
Privileged Access Management (PAM): In OT environments, PAM solutions record privileged access and actions on industrial control systems (ICS) and network devices. These logs, often tailored to OT-specific protocols and activities, are essential for forensic analysis of cybersecurity incidents in operational technology. By reviewing session recordings and activity logs, security analysts…