CYBER DEFENCE FOR EVERYONE
Your guide to the best free and affordable cyber security solutions.
HOME SME ENTERPRISE
CLOUD ON PREM
TOP 20 ESSENTIAL EIGHT

Top 20 Protections Risk Cover Hours Cost Link
1. Create an Asset inventory 17% HIGH FREE    
The first step is to compile an inventory of devices to review and protect. This will ensure no device is overlooked and high risk data can be protected.
Use an asset tracking spreadsheet 1+ FREE cisecurity.org
Install Qualys Cloud Asset Management Home Edition 3+ FREE qualys.com
Install Tenable Nessus Home Edition 4+ FREE tenable.com
Spiceworks Inventory 4+ FREE spiceworks.com
Manage Engine Asset Explorer 4+ FREE manageengine.com
Splunk for Asset Discovery 4+ FREE splunk.com
2. Patch known Vulnlerabilites 17% MED LOW  
These tools automatically scan for vulnerabilities to remediate and minimize the window of opportunity for attackers.
Patch Opperating Systems LOW FREE
Turn on automatic updates in Windows 1 FREE microsoft.com
Turn on automatic updates in MacOS 1 FREE techrepublic.com
Patch Software MED FREE
Install Qualys Cloud Asset Management Home Edition 3+ FREE qualys.com
Install Tenable Nessus Home Edition 5+ FREE tenable.com
Install GCE Vulnerability Scanner Community Edition 3+ FREE greenbone.net
Rapid7 Nexpose Scanner Community Edition 3+ FREE rapid7.com
3. Manage your Accounts 17% LOW LOW  
Strong passwords and seperate administrative privileges on computers, networks, and applications.
Use Strong Unique Passwords LOW FREE
1Password password manager 1 FREE 1password.com
LastPass password manager 1 FREE lastpass.com
Bitwarden password manager 1 FREE bitwarden.com
Dashlane password manager 1 FREE dashlane.com
Keeper password manager 1 FREE keepersecurity.com
Keepass password manager 1 FREE keepass.info
Norton LifeLock password manager 1 FREE norton.com
Check for Password Reuse LOW FREE
Have I been Pwned 1 FREE haveibeenpwned.com
Dehashed data breach search 1 FREE dehashed.com
Secure Privileged Access accounts MED FREE
Thycotic Secret Server Free 3+ FREE thycotic.com
HashiCorp Vault 3+ FREE vaultproject.io
Forgerock OpenAM 20+ FREE forgerock.org
Enable two factor authentication - List of instructions for many sites 1+ FREE twofactorauth.org
Secure Domain Name and Email Accounts with SPF, SKIM and DMARC 3+ FREE higherlogic.com
4. Secure System Configurations 17% MED LOW  
Establish the security configuration of mobile devices, laptops, servers, and workstations to prevent attackers from exploiting vulnerable services and settings.
CIS Hardening Benchmarks 3+ FREE cisecurity.org
Windows Security Compliance Toolkit 3+ FREE microsoft.com
5. Monitor System Event Logs 17% MED LOW  
Collect and analyze audit logs of events that could help detect, understand, or recover from an attack.
Deploy a Security Event Information Manager (SIEM) HIGH HIGH
Elastic Stack ELK SIEM 10+ FREE elastic.co
Alienvault OSSIM SIEM 10+ FREE alienvault.com
Splunk FREE 10+ FREE splunk.com
IBM QRadar Community Edition 10+ FREE ibm.com
Greylog Open Source 10+ FREE graylog.org
Logrythm Netmon Freemium 10+ FREE logrhythm.com
Security Onion SIEM 10+ FREE securityonion.net
Splunk Phantom SOAR 20+ FREE splunk.com
Deploy Intrusion Detection Systems (IDS) HIGH HIGH
Snort IDS 10+ FREE snort.org
Zeek IDS 10+ FREE zeek.org
Suricata IDS 10+ FREE suricata-ids.org
Canary Tokens Honeypot Alerts 2+ FREE canarytokens.org
Windows Sysmon Event Collection 1 FREE microsoft.com
Threat Intelligence MED MED
Virus Total - Malware and URL scanning service 1 FREE virustotal.com
Threatcrowd - Open Threat Exchange 1 FREE threatcrowd.org
Risk IQ Community Edition 1 FREE riskiq.com
Censys - See your Attack Surface 1 FREE censys.io
Shodan - Search engine for IOT 1 FREE shodan.io
IBM X-Force Exchange 1 FREE ibmcloud.com
Anomali Community Threat Feeds 1 FREE anomali.com
Hybrid-Analysis Threat Scanner 1 FREE hybrid-analysis.com
Uncoder Threat Query Translations 1 FREE uncoder.io
VulnDB Vulnerability Database 1 FREE vuldb.com
6. Secure Desktop Applications 5% LOW LOW  
Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers and email systems.
Web LOW LOW
UBlock Origin ad blocker 1 FREE wikipedia.org
Qualys browser vulnerability scanner 1 FREE qualys.com
Email LOW LOW
Phish Tank - Check Phishing Emails 1 FREE phishtank.com
Phishing Box - Phishing IQ Test Training 1+ FREE phishingbox.com
Office LOW LOW
CIS Office Application Hardening 1 FREE cisecurity.org
Mobile MED LOW
Mobile Device Management MED LOW
Manage Engine MDM Free 10+ FREE manageengine.com
Cisco Meraki MDM Free License 10+ FREE meraki.cisco.com
Mobile Threat Protection LOW LOW
Lookout Mobile Security 1 FREE lookout.com
Malwarebytes for Mobile 1 FREE malwarebytes.com
Sophos Mobile Security for Android 1 FREE sophos.com
Quad 9 Connect Threat Protected DNS for Android 1 FREE quad9.net
CloudFlare Mobile VPN 1 FREE 1.1.1.1
Mobile Firewalls LOW LOW
Glasswire Android Firewall 1 FREE glasswire.com
Noroot Android Firewall 1 FREE google.com/store/apps
Netguard Android Firewall 1 FREE netguard.me
7. Enable Malware Protections 7% MED MED  
Control the execution of malicious code at multiple points in the enterprise and automate corrective action.
Install a Malware and Virus Scanner LOW LOW
Bitdefender 1 FREE bitdefender.com.au
Sophos Home 1 FREE sophos.com
Avira Home 1 FREE avira.com
Norton Internet Security 1 PAID norton.com
Kapersky Internet Security 1 FREE kaspersky.com.au
AVG Internet Security 1 FREE avg.com
Avast Antivirus 1 FREE avast.com
Zone Alarm Antivirus 1 FREE zonealarm.com
Windows Defender Antivirus 1 FREE microsoft.com
Malwarebytes Anti Malware 1 FREE malwarebytes.com
Panda Security Free Antivirus 1 FREE pandasecurity.com
Use a Sandbox Virtual Machine MED LOW
VMware Workstation Player 2 FREE vmware.com
Windows 10 Sandbox 2 FREE howtogeek.com
Windows Hyper-v Server 2 FREE microsoft.com
VirtualBox 2 FREE virtualbox.org
Tails Incognitio VM 2 FREE tails.boum.org
8. Enable Network Protections 7% HIGH HIGH  
Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.
Firewall LOW MED
Enable windows firewall 1 FREE microsoft.com
Little Snitch MacOS firewall 1 FREE obdev.at
Glasswire firewall 1 FREE glasswire.com
Zone Alarm Firewall 1 FREE zonealarm.com
Ubitquity Firewall and Security Gateway 3+ PAID ubnt.com
Sophos XG Threat Management firewall and IDS 3+ FREE sophos.com
Pfsense Firewall 5+ FREE pfsense.org
Smoothwall Firewall 5+ FREE smoothwall.org
Lulu MacOS Firewall 1+ FREE macupdate.com
Network Proxy MED MED
Squid Proxy 3+ FREE squid-cache.org
Network Segmentation MED MED
Ubitquity Firewall and Security Gateway 3+ PAID ubnt.com
Sophos XG Threat Management firewall and IDS 3+ PAID sophos.com
Threat Filtered DNS LOW LOW
Quad 9 DNS 1 FREE quad9.net
Open DNS 1 FREE opendns.com
Yandex DNS 1 FREE yandex.com
Strong Arm DNS 1 PAID strongarm.io
Comodo Dome Shield 1 FREE comodo.com
Detect Unsecure Ports LOW MED
Qualys Online Scanner for open ports 1 FREE qualys.com
NMAP Network Scanner 2 FREE nmap.org
Spiceworks Port Scanner 4+ FREE spiceworks.com
Encrypt Traffic with a VPN LOW LOW
Strongswan VPN 3+ FREE strongswan.org
Proton VPN 1 FREE protonvpn.com
Avira Phantom VPN 1 FREE avira.com
Tunnel Bear Free VPN 1 FREE tunnelbear.com
9. Data Protection and Recovery 5% HIGH MED  
Back up critical information with a proven methodology for timely recovery of it.
Data Encryption LOW LOW
Turn on device encryption in Windows 1 FREE microsoft.com
Turn on device encryption in MacOS 1 FREE macpaw.com
File Encryption Software AES Crypt 1 FREE aescrypt.com
File Encryption with USB Safeguard 1 FREE altervista.org
Veracrypt device encryption 2 FREE veracrypt.fr
Box Cryptor File Encryption 2 FREE boxcryptor.com
Tresorit File Sending Encryption 2 FREE tresorit.com
Offsite Backup LOW MED
Google Drive File Sync Backup 2 FREE google.com
Dropbox File Backup 2 FREE dropbox.com
Onedrive File Backup 2 FREE office.com
Apple iCloud 5Gb Free 2 FREE apple.com
Secure Data Wipe Software LOW LOW
Dariks Boot and Nuke Secure Harddrive Eraser 1 FREE dban.org
CBL Data Shredder 1 FREE cbldatarecovery.com
Eraser 1 FREE eraser.heidi.ie



e: david@cyberdefenceforeveryone.com