Tuesday, November 13, 2018
  • Black Friday and Cyber Monday security concerns
  • DerbyCon 2018, Cara Marie’s & Andy Cooper’s ‘Cloud Computing Therapy Session’
  • Convergence of Security, Networking Services Accelerates
  • November 2018 Patch Tuesday – 62 Vulns, TFTP Server RCE, Adobe PoC
  • From my Gartner Blog – The new (old) SIEM papers are out!

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Application Security Data Security Security Bloggers Network Vulnerabilities 

Home » Cybersecurity » Application Security » Configuration Hardening: Proactively Guarding Systems Against Intrusion

Configuration Hardening: Proactively Guarding Systems Against Intrusion

by Megan Freshley on September 12, 2018

The concept of configuration hardening has nice imagery to it. When we use it to describe battle-hardened soldiers who have been tested in combat, a grim, determined image invariably leaps to mind. The same thing happens when we speak of hardened steel that’s been repeatedly quenched and tempered or of hardened fortifications and bunkers.

But what does this state of “being hardened” mean in the context of information systems? What do we mean when we talk about operating system hardening techniques to repel exploits and withstand intrusions? Much of this is captured in three simple concepts:

  1. Ensure a system’s security configurations are appropriately set given the job it needs to do.
  2. Ensure operating system software, firmware  and applications are updated to stay ahead of exploits that attack flaws in the underlying code.
  3. Ensure this process runs continually, leveraging and employing as much automation as possible.

What is Configuration Hardening?

Configurations are, in an almost literal sense, the DNA of modern information systems. “Configuration settings” are the attributes and parameters that tell these systems—from servers to network devices and from databases to desktops and applications—how to act and how to behave.

Unfortunately, these systems are made to “do work” and not to “be secure.” In other words, they’re shipped infinitely capable but effectively insecure. Modern computer systems have over 1,000 well-known ports with which to get work done. They also have another 40,000 or so “registered” ports and yet another 20,000 or so “private” ports. These in turn support a vast number of services and processes.

There’s a nice analogy that helps us get our arms around this: If we translate a server’s “ports and processes and services” to the “doors and gates and windows” in a house, we see information systems as unimaginably large, fundamentally porous houses.

Security configuration (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Megan Freshley. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/automation-action-proactively-hardening-systems-intrusion/

September 12, 2018September 12, 2018 Megan Freshley 20 Critical Security Controls, Application Security, attacks, Council on Cybersecurity, Data Loss Prevention, Featured Articles, Hardening Guidelines, Inventory Management, IT Security and Data Protection, Security Configuration Management, Security Strategies, system hardening, Vulnerability Management, vulnerability scanners
  • ← Enterprises Still Struggle to Put the Sec in DevOps
  • CVE-2018-8383: Microsoft Edge and Safari Exploited via Address Bar Spoofing Vulnerability →
Featured Blog

Fortinet All Blogs

What Your Customers Need from Today’s NAC Solutions

Fortinet All Blogs

Veterans Can Help Your Cyber Skills Gap

Fortinet All Blogs

Analyzing the New non-Beta Version of the Kraken Cryptor Ransomware

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Legacy Government Systems Vulnerable to Ransomware
Data Security Spotlight: Protecting Electoral (and Everyday) Data
Hackers Exploit Recently Patched ColdFusion Vulnerability
The Changing Face of Web Application Security
User Experience: Achieving Performance and Security
3 DevOps Security Challenges & How to Overcome Them
How to choose the best password manager | Avast
How to Increase Security in Your Smart Home
Your Definitive Guide to Information Security Conferences in 2019
Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability

Upcoming Webinars

Tue 27

2018 Black Hat Hacker Survey Report: What Hackers Really Think About Your Cyber Defenses

November 27 @ 11:00 am - 12:00 pm
Thu 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The State of Open Source Vulnerability Management

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

The Top 5 Industries Grappling with Bad Bots
Cybersecurity Industry Spotlight Malware Security Boulevard (Original) 

The Top 5 Industries Grappling with Bad Bots

November 13, 2018 Reid Tatoris | 15 hours ago 0
The Changing Face of Web Application Security
Application Security Cybersecurity Industry Spotlight Security Boulevard (Original) 

The Changing Face of Web Application Security

November 12, 2018 Tiffany Olson Kleemann | Yesterday 0
Data Security Spotlight: Protecting Electoral (and Everyday) Data
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Data Security Spotlight: Protecting Electoral (and Everyday) Data

November 9, 2018 Steve Marsh | 4 days ago 0

Top Stories

Convergence of Security, Networking Services Accelerates
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

Convergence of Security, Networking Services Accelerates

November 13, 2018 Michael Vizard | 3 hours ago 0
Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in
DevOps Endpoint Featured News Security Boulevard (Original) Spotlight Vulnerabilities 

Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in

November 13, 2018 Lucian Constantin | 11 hours ago 0
Hackers Exploit Recently Patched ColdFusion Vulnerability
DevOps Network Security News Security Boulevard (Original) Vulnerabilities 

Hackers Exploit Recently Patched ColdFusion Vulnerability

November 12, 2018 Lucian Constantin | Yesterday 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.