As a CISO or Security Manager, you understand your organization’s need to remain one step ahead of cybercriminals searching for gaps in your security posture. The market is flooded with solutions for dealing with vulnerabilities and the challenge continues to be understanding the ways to best prioritize and manage the vulnerabilities.

Our team has more than a decade of experience in server hardening. We’ll help you determine the right policy to achieve maximum compliance with minimal efforts.

Microsoft continues urging its customers to understand two core security vulnerabilities in the domain controllers of Active Directory. These vulnerabilities had been addressed by the company in November 2021. It was followed by a PoC or Proof of Concept tool on 12th December. The two vulnerabilities have been tracked as CVE-2021-42278 sAM (sAMAccountName spoofing ) and CVE-2021-42287 KDC.

Defining and implementing a comprehensive server security policy is an essential step in the process of securing both Windows and Linux servers. Organizations should establish different hardening policies for each system component, aspiring to be as granular as possible (differentiating component’s type, role, version, environment, etc.).