Blog Posts Tagged with "Hardening"

219bfe49c4e7e1a3760f307bfecb9954

5 Common Windows Hardening Misconfigurations

October 31, 2013 Added by:Rohit Sethi

Over numerous Windows configuration review engagements that we have performed for our clients, we observed a common pattern in the configuration weaknesses that are worth highlighting here.

Comments  (0)

1de705dde1cf97450678321cd77853d9

Hardening Is Hard If You're Doing It Right

March 20, 2013 Added by:Ian Tibble

The early days of deciding what to do with the risk will be slow and difficult and there might even be some feisty exchanges, but eventually, addressing the risk becomes a mature, documented process that almost melts into the background hum of the machinery of a business.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Terminal Services Attack Reductions Redux

September 10, 2012 Added by:Brent Huston

Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Change Management and Process Improvement

December 19, 2011 Added by:Rafal Los

I don't know of a bigger detractor to security than a broken enterprise change management process... whether you work for a million node global corporation, or a company with 100 laptops and an outsourced IT - poor change management will be the death of your security posture, period...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Do Software Engineers Encourage Bad Security Practices?

April 26, 2011 Added by:Jamie Adams

As software engineers, we want to deliver the right solutions but when it comes to commercial products, the customers drive the features. Do we simply submit to these demands in order to make a buck or do we take a stand as leaders in information security?

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

PCI Compliance and Virtualization

March 24, 2011 Added by:PCI Guru

It still surprises me the number of IT professionals that seem to think that because they are implementing Windows or Linux as a virtual machine there is something different about security and you can skimp on hardening. Security hardening procedures need to be completely followed regardless...

Comments  (0)

39ba31c76f5b8342fdcca5189a9253dc

Is your z/OS System Secure?

August 17, 2010 Added by:Barry Schrager

There is a great article in the current issue of z/Journal Magazine -- Is Your z/OS System Secure? We all assume that our z/OS systems, if properly configured, are secure. But, there is a lot of work to do that and, even then, z/OS and the Independent Software Vendor products, and even your own staff, have system vulnerabilities that can be exploited to circumvent system controls.

Comments  (0)

E973b16363b3de77b360563237df7e32

A System Hardening Process Checklist

August 07, 2010 Added by:Bozidar Spirovski

Hardening is the process of securing a system by reducing its surface of vulnerability. All system hardening efforts follow a generic process. So here is a checklist by which you can perform your hardening activities..

Comments  (0)