IIS hardening can be a time-consuming and challenging process. PowerShell can help you achieve hardened IIS security settings to some extent, but it still requires hours of testing to ensure that nothing is broken. CSS by CalCom can automate the IIS hardening process with its unique ability to “Learn” your network, eliminating the need for lab testing while ensuring zero outages to your production environment.

IIS server, Microsoft’s Windows web server is one of the most used web server platforms on the internet. IIS 10 hardening according to the IIS CIS benchmarks is essential for preventing cyber-attacks and achieving CIS compliance. Common breaches happen by using IIS unsecured server protocols and configurations, such as SMB and TLS/SSL. The IIS default configurations is not recommended to use and should be changed to meet the IIS CIS benchmarks requirements.

The National Institute of Standards and Technology (NIST) has developed a robust framework known as the NIST 800-171 guidelines for “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” recently updated on May 10, 2023 which serves as a cornerstone for enhancing system security and ensuring compliance.

In today’s ever-evolving digital landscape, organizations operating in regulated industries face the challenge of meeting stringent regulatory requirements to ensure the security and privacy of their systems and data. NIST compliance, guided by key NIST publications, plays a vital role in helping organizations navigate these complex regulatory landscapes effectively.

NTLM V1 and V2, and Kerberos are three authentication protocols. These protocols aim to enhance security, especially in the Active Directory environment. Authentication protocols are popular attack vectors. They can help attackers gain access and elevate privileges. It is important to choose the relevant and most secured protocol for your environments and configure it properly. The most veteran protocol among the three is NTLMv1.

Do not allow COM port redirection in RDP is the name of a security setting stated in Windows servers CIS benchmarks/STIGs. A COM port is an I/O interface that enables the connection of a serial device to a computer. In some cases COM ports are called “serial ports”. Most computers are not equipped with COM ports anymore but there are many serial port devices still used in computer networks.

In 2014 and with extensive community involvement NIST Cybersecurity Framework was created for private sector organizations in the United States. It is also aligned with other NIST standards and guidelines, such as NIST 800-53 and FedRAMP. NIST Cybersecurity Framework (CSF or Framework) is intended to be a living document that is refined and improved over time and was updated in 2018 and called CSF 1.1. We will be discussing NIST CSF 2.0.

The National Institute of Standards and Technology (NIST) is on a mission to maintain measurement standards, technology advancements, and industrial competitiveness in the United States. This article provides guidance and a set of working assumptions that help guide and inform the control selection process. It also provides guidance on the development of overlays to facilitate control baseline customization for specific communities of interest, technologies, and environments of operations.