Lansweeper gives IT and security a shared view of every asset, so Controls 1 and 2 are met with evidence, coverage gaps are closed before they accumulate, and every downstream control builds on data you can trust.
CIS® CONTROL #1
Discover everything, automatically. Lansweeper automatically discovers every connected device — across IT, OT, IoT, and cloud — using unmatched network discovery. From switches and laptops to rogue devices and shadow IT, you get complete visibility to close CIS Controls compliance gaps and reduce exposure.
CIS® CONTROL #2
Lansweeper detects all installed software across every discovered device, tracks versions, publishers, and usage, and flags unauthorized or unsupported applications. Whitelisting and BI features support policy enforcement and software governance.
Success Story
Herman Miller used Lansweeper to gain the complete asset visibility required to meet CIS Controls 1 and 2—eliminating blind spots across their IT estate. By automatically discovering and managing both hardware and software, they strengthened their security posture and simplified audit prep.
CIS Control #3: Track encryption and secure sensitive data.
Track encryption status and secure sensitive data across your endpoints. Enforce encryption policies and reduce the risk of data loss or theft.
CIS Control #4: Eliminate misconfigurations at scale.
Audit and standardize configurations with built-in checks for firewalls, services, registry settings, and more—aligned with CIS Benchmarks.
CIS Control #5: Audit your accounts instantly.
Scan AD, O365, and Exchange to uncover orphaned users, weak policies, and unauthorized privileges—enabling secure, compliant access control.
CIS Control #6: Implement SSO, MFA, and role-based controls.
Support SSO and MFA, define asset scopes, and enforce granular access policies to minimize internal risk.
CIS Control #7: Stay ahead of threats.
Surface real-time threats from VulnCheck, CISA, and MSRC. Prioritize by exploitability and remediate faster using actionable risk insights.
CIS Control #8: Collect, centralize, and review your logs.
Collect and correlate event logs across devices. Monitor login patterns, detect anomalies, and support security investigations and reporting.
CIS Control #9: Identify outdated clients before they become a risk.
Track browser and email client versions across your network to ensure only secure, supported applications are in use.
CIS Control #10: Validate protection across all endpoints.
Verify antivirus presence, status, and updates. Scan endpoints for malware indicators and enforce protection policies across all devices.
CIS Control #12: Stay current, stay secure.
Identify and retire outdated network hardware. Monitor lifecycle and firmware status to support upgrades and reduce downtime risk.
CIS Control #13: Proactively detect threats.
Detect suspicious activity through event log insights. Lansweeper supports alerting and enriches SIEM/SOAR workflows with asset context.
CIS Control #16: Prioritize software vulnerabilities.
Prioritize software vulnerabilities by real-world risk. View severity, affected devices, and patch status in one place to streamline triage.
How it works
Discover every asset, understand what’s at risk, and push trusted data to the tools that take action.
Continuously discover and classify every asset across IT, OT, cloud, and IoT — managed, unmanaged, and shadow — without manual effort.
Normalize and apply context, vulnerability data, and lifecycle signals to assess risk, forecast spend, and surface optimization opportunities.
Deliver trusted asset intelligence to ITSM, CMDB, and security tools so actions are accurate, scoped, and prioritized.
INTEGRATIONS
Lansweeper feeds trusted, continuously updated asset intelligence into the tools that take action.
Explore the full platform, free for 14 days.
No credit card required.
The CIS Critical Security Controls are a prioritized set of cybersecurity best practices designed to help organizations reduce risk and improve security posture in a structured, measurable way. The framework starts with the premise that you cannot protect what you don’t know you have — making complete, continuously validated hardware and software inventory the foundation everything else depends on. Organizations that can’t demonstrate Controls 1 and 2 typically have gaps across every downstream control as well.
Lansweeper directly supports implementation of Controls 1 and 2 — hardware and software asset inventory — and contributes to 11+ additional controls including data protection (3), secure configurations (4), account management (5), vulnerability management (7), and network monitoring (13). The platform delivers the asset visibility, configuration data, and automation required to meet control requirements and generate audit-ready evidence.
CIS Control 1 requires a complete, continuously maintained inventory of all authorized hardware. CIS Control 2 requires the same for software. Lansweeper automatically discovers every connected device and detects all installed software across IT, OT, cloud, and IoT environments, eliminating the manual effort and inventory gaps that cause Controls 1 and 2 failures. Discovery is continuous, not periodic, so the inventory reflects the current state of the environment at any point.
CIS assessments start with Controls 1 and 2: if the asset inventory is incomplete, every downstream control is suspect. Lansweeper provides a continuously validated hardware and software inventory with configuration states, patch status, and access records maintained in one place. When an assessment begins, evidence for Controls 1 and 2 is already current, and supporting data for downstream controls is available on demand.
