Vince Lombardi, the famous football coach, used to start his training camp each season with a talk about doing the basics. Hed tell the players that they start with the basics, then hed take a football and hold it up and tell them, This is a football. In football, as in life and IT Security, starting with the basics is the most important step you can take. Dont assume anything.
So, let us begin with the basics.
CIS is the Center for Internet Security. In Tripwire terms, what does CIS mean?
There are two kinds of CIS used by Tripwire:
The CIS Top 20 Critical Security Controls give you a set of steps. Start from the top, and work your down the list, adding layers of security along the way. They start with the basics. Knowing what is changing in your environment and how things are configured are two very basic parts of the 20 Controls.
The CIS recommendations for how to securely configure assets is used by Tripwire to guide you in terms of how to configure various software packages in a secure way.
Each OS and application has configuration settings like Login Success and Failure that have (Read more...)Read More..