System Hardening and Log Management Executive Overview

Last updated: September 04, 2024

In today’s climate, new vulnerabilities emerge as critical and exploitable but avoidable threats to enterprise assets and software. Being proactive is important when deploying and maintaining enterprise assets and software. Because default configurations are normally geared towards ease of deployment and ease of use, the user needs to ensure security is still the main focus.

By default, a lot of modern infrastructure is not in the most secure configuration possible. The default configuration of assets and software leaves avenues of attack open to threat actors and should be rectified. Areas of enterprise software deployments where action can be taken to close configuration holes include: Services, Apps, Protocols; Account Management; Resource Control; Network Monitoring; and Log Collection. Organizations that approach cyber security proactively leverage established frameworks and guidelines such as the Critical Security Controls version 8 (CIS CSCv8) established by the Center for Internet Security. This study walks the reader through the different topics of System Hardening and Log Management. The study also shows how Tenable can help verify and track compliance. Lastly, the study describes how the user can use Tenable to visualize their compliance data.

This Cyber Exposure Study provides guidance through the following subjects:

  • Introduction to Searching

    • This section introduces searching and shows how to identify keywords and patterns to use after a compliance policy scan. Audit files are also broken down to lay out what can be used to focus queries in Tenable Vulnerability Management and Security Center.

  • System Hardening

    • This section covers the hardening of enterprise assets and software, similar to CIS Control 4: Secure Configuration of Enterprise Assets and Software, which describes how an asset should be configured. Tenable can help security teams understand and track compliance with secure configuration standards.

  • Log Collection and Management

    • Log Collection and Management reinforces the secure configuration by ensuring audit logs and system logs are properly set up and enabled. Tenable lets the user verify certain logging configuration settings through compliance scanning.

  • Network Hardening and Monitoring

    • CIS Control 12: Network Infrastructure Management describes how network devices should be established, managed, and implemented to thwart potential attackers.

  • Widget/Component Creation

    • After understanding how to query results from compliance scans, creating widgets in Tenable Vulnerability Management or components in Tenable Security Center can assist security teams in visualizing the data. These widgets/components can be used in both dashboards and reports.