Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Server Hardening

Kubernetes Hardening Guide

Kubernetes, also referred to as k8s or “kubes,” stands as a portable, extensible, open-source container orchestration platform designed for managing containerized workloads and services. Initially developed by Google based on its internal systems Borg and later Omega, Kubernetes was introduced as an open-source project in 2014 and subsequently donated to the Cloud Native Computing Foundation (CNCF).

NIST server hardening: Guide for NIST 800-123

The NIST SP 800-123 Guide to General Server Security contains NIST recommendations on how to secure your servers. It offers general advice and guideline on how you should approach this mission. Its aim is to assist organizations in understanding the fundamental activities they nee dto undertake to secure their servers. Regulations such as HIPAA, HITRUST, CMMC, and many others rely on those recommendations, demanding organizations to enforce and comply with the guide.

Ultimate Guide to Security Impact Analysis: Essential Checklists

When planning a hardening project for information security, there are two types of impact analysis to consider – policy impact analysis and security impact analysis. Policy impact analysis refers to generating a report that indicates each policy rule’s impact on your production. It is especially important for avoiding system downtime caused by configuration changes. The second type of impact analysis is Security Impact Analysis.

Hardening Tools 101

Server hardening refers to the actions performed to reduce the server OS and application attack surface. this is done by changing the default configurations of the system’s components (servers, applications, etc.) and removing unnecessary components. Out of the box, Server OS are more function-oriented rather than for security, which means that unnecessary functions are enabled. Default, insecure configurations reflect a potential attack vector.

Windows 10 Hardening Guide: 10 Key Stages for Cyber Resilience

Best practices for mitigating various attack vectors are changing depending on the environment and server functionality. CIS baselines cover most of the relevant scenarios by addressing the first stage of your Windows server hardening project. Microsoft has been doing some work related to default security configuration, but there is still a big gap between security best practices (i.e. common benchmarks) and the default Windows configuration.

Securing Remote Desktop: RDS Configuration & RDS Hardening Guide

Windows Remote Desktop Service (RDS) is a component of Microsoft Windows that allows users to take control of a remote computer or a virtual machine that supports the Remote Desktop Protocol (RDP) via a network connection for RDP access. When enabling remote desktop access (RDP), it is crucial to implement strong passwords to thwart potential brute force attacks to ensure a secure remote desktop.

OS hardening 20 Best Practices

Operating system (OS) hardening, a facet of system hardening, involves the implementation of security measures of operating systems like Windows, Linux, or macOS (aka OS X) to bolster their defenses against cyberattacks. The primary aim is to fortify sensitive computing systems, thereby reducing their vulnerability to various security threats, including data breaches, unauthorized access, system intrusions, and malware in accordance with best security practices.

CIS Hardening and Configuration Security Guide

The Center for Internet Security (CIS) published an updated version for the CIS Controls- CIS Controls v8. The CIS Controls are a set of gold standard guidelines for organizations facing data security issues. These controls were developed to simplify and help IT ops and security teams to remain focused on the essentials. The CIS updates its recommendation according to changes and new discoveries in the Information Security field. The 8th version of the CIS Controls was published in May 2021.