Configuration Hardening: Proactively Guarding Systems Against Intrusion

by Megan Freshley on September 12, 2018

The concept of configuration hardening has nice imagery to it. When we use the word “hardened” to describe battle-hardened soldiers who have been tested in combat, a grim, determined image invariably leaps to mind. The same thing happens when we speak of hardened steel that’s been repeatedly quenched and tempered or of hardened fortifications and bunkers.


But what does this state of “being hardened” mean in the context of information systems? What do we mean when we talk about operating system hardening techniques to repel exploits and withstand intrusions? Much of this is captured in three simple concepts:

  1. Ensure a system’s security configurations are appropriately set given the job it needs to do.
  2. Ensure operating system software, firmware and applications are updated to stay ahead of exploits that attack flaws in the underlying code.
  3. Ensure this process runs continually, leveraging and employing as much automation as possible.

What is Configuration Hardening?

Configurations are, in an almost literal sense, the DNA of modern information systems. “Configuration settings” are the attributes and parameters that tell these systems—from servers to network devices and from databases to desktops and applications—how to act and how to behave.

Unfortunately, these systems are made to “do work” and not to “be secure.” In other words, they’re shipped infinitely capable but effectively insecure. Modern computer systems have over 1,000 well-known ports with which to get work done. They also have another 40,000 or so “registered” ports and yet another 20,000 or so “private” ports. These in turn support a vast number of services and processes.

There’s a nice analogy that helps us get our arms around this: If we translate a server’s “ports and processes and services” to the “doors and gates and windows” in a house, we see information systems as unimaginably large, fundamentally porous houses.
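To make the “doors and gates and windows” idea concrete, here is an added example (not part of the original article) that compares a host’s listening sockets against the short list its job actually requires. The `ss -H -tuln` sample output, the web-server baseline and the function names are all constructed for illustration.

```python
# Added example: audit listening sockets against a role baseline.
# Constructed sample of `ss -H -tuln` output (not from the article).
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443       0.0.0.0:*
tcp   LISTEN 0      80         127.0.0.1:3306      0.0.0.0:*
tcp   LISTEN 0      4096         0.0.0.0:23        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161       0.0.0.0:*
tcp   LISTEN 0      128             [::]:22           [::]:*
"""

# Hypothetical baseline for a "web server" role: the only (protocol, port)
# pairs that should be reachable from the network.
WEB_SERVER_BASELINE = {("tcp", 22), ("tcp", 443)}

# Sockets bound to loopback are not reachable from other hosts.
LOOPBACK_PREFIXES = ("127.", "[::1]")


def parse_listeners(ss_output):
    """Return a set of (proto, local_address, port) for each socket line."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # skip blank lines, headers and other socket families
        address, _, port = fields[4].rpartition(":")
        if port.isdigit():
            listeners.add((fields[0], address, int(port)))
    return listeners


def audit(ss_output, baseline):
    """Report network-facing ports outside the baseline, and baseline gaps."""
    exposed = {
        (proto, port)
        for proto, address, port in parse_listeners(ss_output)
        if not address.startswith(LOOPBACK_PREFIXES)
    }
    return {
        "unexpected": sorted(exposed - baseline),  # open doors nobody asked for
        "missing": sorted(baseline - exposed),     # required service not up
    }


if __name__ == "__main__":
    report = audit(SAMPLE_SS_OUTPUT, WEB_SERVER_BASELINE)
    for proto, port in report["unexpected"]:
        print(f"close or justify: {proto}/{port}")
    for proto, port in report["missing"]:
        print(f"expected but not listening: {proto}/{port}")
```

Run on a schedule against live `ss` output, the same comparison serves the third concept above: any drift from the baseline shows up as a non-empty report.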

Security configuration (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Megan Freshley. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/automation-action-proactively-hardening-systems-intrusion/
