Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Server hardening refers to the actions performed to reduce the server OS and application attack surface. this is done by changing the default configurations of the system’s components (servers, applications, etc.) and removing unnecessary components. Out of the box, Server OS are more function-oriented rather than for security, which means that unnecessary functions are enabled. Default, insecure configurations reflect a potential attack vector.

A correlation between ATT&CK Mitigations and CIS Controls, often termed as a ‘high-level’ mapping, show case the count of mapped ATT&CK (Sub-)Techniques within each ATT&CK Mitigation. Additionally, it provides the total number of ATT&CK (Sub-)Techniques associated with the respective ATT&CK Mitigation. Mitre attack mapping accurately and consistently maps adversary behaviors relevant to ATT&CK techniques as part of cyber threat intelligence (CTI).

User Account Control (UAC) plays a crucial role in Windows security by mitigating the risk of malware. It accomplishes this by restricting the capacity of malicious code to run with administrator privileges. The CIS benchmark 2.3.17 for User Account Control (UAC) specifically addresses the security configuration settings related to UAC on Windows operating systems. We will discuss in this blog CIS benchmarks for.

In interactive login, users directly engage with the computer system through a user interface, commonly achieved by logging in via a graphical user interface (GUI) or a command line interface (CLI).

Optimally configuring “DisableIPSourceRouting” parameter enhances security by mitigating the risk of denial-of-service (DOS) attacks through packet spoofing. In such attacks, the goal is to inundate the target with high volumes of traffic, and using spoofed IP addresses makes it challenging to filter and identify the true source of the attack. Server hardening can be arduous. CSH by CalCom automates the process, learning your network to eliminate the need for testing.

Windows PowerShell is a powerful scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify managing and automating administrative tasks. PowerShell was launched in 2006 and has been a standard feature of the Windows operating system (OS) since Windows 7, enabling system administrators to simplify and automate administrative tasks while following essential security best practices.

Active Directory is most organizations’ primary identity storage, and is integral to an organization’s operating system. It is used to manage security principals, including user accounts, computers, servers, and other devices in the network. Since its launch 20 years ago, it has been integrated with numerous applications and systems and became one of the main foundations in the organization’s IT infrastructure.

The OSPF (Open Shortest Path First) protocol belongs to a category of IP Routing protocols and serves as an Interior Gateway Protocol (IGP) designed for the Internet. It is employed to disseminate IP routing details across a solitary Autonomous System (AS) within an IP network.

While NetBIOS (Network Basic Input/Output System) has been historically used for local network communication, it has several security vulnerabilities and limitations, and its use has diminished over time. Here are some reasons why someone might want to disable NetBIOS: Broadcast Traffic: NetBIOS relies on broadcast traffic for name resolution, which can lead to network congestion and inefficiency, especially in larger networks.

User Account Control (UAC) serves as a security feature in Windows, aiming to safeguard the operating system from unauthorized modifications. Whenever alterations demand administrator-level permissions, UAC prompts the user, allowing them to either authorize or reject the requested change.