Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What are CIS Benchmarks and how to use them?

A list of 18 procedures (reduced from 20), or “controls,” recommended by the Center for Internet Security (CIS), must be followed to build an IT infrastructure resistant to cyberattacks. The CIS 4th Control advises to establish and maintain a secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications) (4.1).

Using CIS Hardening Scripts for Windows Server: Benefits and Risks

With each new version of Windows Server released, comes new security risks. Whilst each update enhances functionality for users, it can sometimes come at the cost of new vulnerabilities. The Centre for Internet Security (CIS) Benchmarks serve as a security baseline, helping both individuals and companies implement best practices for a secure configuration.

Hardening Systems for HIPAA 2025: A Hospital IT Guide to Compliance

The U.S. Department of Health and Human Services (HHS), the governmental body responsible for enforcing and overseeing the Health Insurance Portability and Accountability Act (HIPAA) proposed updates in December 2024, which were added to the Federal Register for comments on January 6th. These updates include changes to the Security Rule, looking to enhance cybersecurity to align with evolving security standards.

How Hardening is Reflected in the Different NIST Standards

NIST hardening standards and best practices refer to a collection of guidelines and recommended methods created by NIST (National Institute of Standards and Technology). These standards are crafted with the intention of strengthening the security and robustness of information systems. They serve as a structured approach for organizations to fortify their systems against possible security vulnerabilities and the risks associated with them.

UNC Path Hardening Quick Knowledge Guide

UNC paths allow Windows systems to access shared network resources, but they can also be a target for cyberattacks if not properly secured. In this video, we break down the Hardened UNC Path policy—a crucial security feature that enforces mutual authentication and integrity checks on critical shares like NETLOGON and SYSVOL. You'll learn: How the Hardened UNC Path policy works Step-by-step setup using Group Policy and registry keys How SMB encryption can add extra security (and its compatibility risks)

CIS Benchmarks Checklist: Is Your Windows Server 2025 Secure?

Windows Server 2025, the latest iteration of Microsoft's flagship server operating system, introducing new features, enhanced performance, and improved security capabilities. However, with these updates come new potential vulnerabilities, bringing with it the need for robust security configurations to protect against evolving threats. This is where benchmarks and hardening practices come into play.

CIS Controls v8.1: Everything You Need to Know

The Center for Internet Security (CIS) Controls are a prioritized set of Safeguards to mitigate the most common cyber-attacks against systems and networks. The SANS 20 Critical Security Controls, formerly known as the SANS Top 20, is now called the CIS Controls and has been reduced from 20 to 18 Controls since version 8.

Ensure IP forwarding is disabled a RHEL Benchmark

IP forwarding in Linux is a feature that allows a system to route packets between network interfaces, effectively functioning as a router. While this capability is essential for specific network setups, it poses security risks if enabled unnecessarily. Disabling IP forwarding is a critical step in server hardening, particularly for systems not intended to perform routing tasks.

What You Need to Know About 2025 Data Privacy Regulations in the U.S.

In 2025, US data privacy regulations are evolving rapidly. This video explores key state laws and regulations like the CCPA, CPRA, NY SHIELD Act, and the Massachusetts Data Privacy Protection Act. We discuss how these regulations impact businesses and the importance of robust security measures, including access controls, strong passwords, and regular audits. Learn how CalCom Hardening Suite can help your organization navigate these complex regulations and maintain a strong security posture.

What You Need to Know About 2025 Data Privacy Regulations in the U.S.

In an era where data breaches make headlines almost weekly and cybercrime costs businesses billions annually, states across the U.S. are taking decisive action to protect their residents’ sensitive information. From California’s groundbreaking privacy laws to New York’s rigorous cybersecurity requirements for financial institutions, state-level regulations are rapidly evolving to address the complex challenges of digital data protection.