• 0 Posts
  • 1 Comment
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle
  • Do a search for you server OS + STIG

    Then, for each service you’re hosting on that server, do a search for:

    Service/Program name + STIG/Benchmark

    There’s tons of work already done by the vendors in conjunction with the DoD (and CIS) to create lists of potential vulnerable settings that can be corrected before deploying the server.

    Along with this, you can usually find scripts and/or Ansible playbooks that will do most of the hardening for you. Though it’s a good Idea to understand what you do and do not need done.