Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Server Hardening


CIS Microsoft Windows Server 2022 Benchmark v1.0.0

In February 2022, CIS (Center for Internet Security) released the Microsoft Windows Server 2022 Benchmark v1.0.0 that includes 50+ new features, GPOs (Group Policy Objects), capabilities and services. The document offers a comparison between Server 2019 vs. Server 2022 for similarities and differences as well as similarities and differences of Windows 11 vs Windows 10.


Why to harden PowerShell and not remove it completely

The National Security Agency (NSA) and partner cybersecurity authorities recently released an information sheet recommending proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely. PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks.


10 Windows Hardening stages for cyber resilience

Best practices are changing depending on the environment and server functionality. CIS baselines cover most of the relevant scenarios by addressing the first stage of your hardening project. Microsoft has been doing some work related to default security configuration, but there is still a big gap between security best practices (i.e. common benchmarks) and the default Windows configuration.


How Hardening is reflected in the different NIST Standards

NIST stands for National Institute of Standards and Technology. NIST was founded in 1901 and is a part of the U.S Department of Commerce. It is one of the oldest physical science laboratories in the US and was formed to remove challenges related to industrial competitiveness.


Vulnerability Scanning & Vulnerability Management is not Hardening

As a CISO or Security Manager, you understand your organization’s need to remain one step ahead of cybercriminals searching for gaps in your security posture. The market is flooded with solutions for dealing with vulnerabilities and the challenge continues to be understanding the ways to best prioritize and manage the vulnerabilities.