Slide1
System Hardening … Made Easy
Security Configuration Management
Michael Betti, Sr. SE, Tripwire
Slide2
What Is It?
System Hardening is the act of reducing the attack surface in information systems and minimizing their vulnerabilities in accordance with:
Recognized Best Practices
Vendor Hardening Guidelines
Custom Security Policies
Industry Standards or Benchmarks
Security Configuration Management is an automated, security-focused set of capabilities that makes system hardening:
Repeatable and enterprise-scalable
Continuous, with real-time or periodic capabilities as needed
Flexible, and aligned with business needs, workflows and exceptions
Self-correcting and self-remediating
Slide3
NIST says SCM is:
“The management and control of configurations for an information system with the goal of enabling security and managing risk”
Slide4
SCM: Tripwire Definition
The ability to create, edit and manage IT security hardening policies in a way that fits real-world business processes and continually balances risk and productivity
Slide5
On Many Short-term Buying Lists
© 451 Group 2013
Slide6
Gartner says SCM is the #1 priority in creating a server protection strategy ¹
Slide7
Securosis says configuration hardening is the 2nd most effective data security control ²
Slide8
SANS says SCM is the 3rd most important security control you can implement ³ (& 10)
Slide9
GCHQ’s New Cyber Security Guidance
GCHQ released new “10 Steps to CyberSecurity” in Fall 2012
Focused on executive and board responsibility
Names Secure Configurations as one of the most critical steps to achieving an objective measure of cybersecurity
Slide10
What’s the Reality When It Comes to SCM? It’s Hard To Do:
Slide11
Configuration Drift Is A Constant Enemy
“Configuration drift is a natural condition in every data center environment due to the sheer number of ongoing hardware and software changes.” – Continuity Software blog
“In less than a week, all the configuration controls, permissions and entitlements that IT spends time testing are useless.” – ITPCG blog
Slide12
What Can You Do?
Monitor and assess critical configurations in:
File systems
Databases like MS-SQL, Oracle, IBM DB2 and Sybase
Directory services and network devices
When?
Immediate detection of changes to critical, defense-dependent configurations
Efficient, change-triggered configuration assessment
Shorten time of system risk
Demonstrating Compliance:
Document any waivers
Document when tests went from failing to passing
Alerted to tests going from passing to failing – within minutes or at least hours
Slide13
Continuous Monitoring
[Chart. Axes: Security Posture, Time. Labels: Secure & Compliant State; SECURITY POLICIES ENFORCED …CONTINUOUSLY]
Continually assess and remediate insecure configurations, ensuring always-hardened, always-ready information systems and network devices
Slide14
System Hardening Made Easy, By Tripwire
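One way to implement the change-triggered assessment, waiver handling and pass/fail transition tracking listed on the "What Can You Do?" slide. This is an added example, not Tripwire's code and not part of the original deck; the policy, test ids, waiver and sample configuration text are all constructed for illustration.

```python
import hashlib

# Constructed sample: two snapshots of a "Key value" config file (not from the deck).
BASELINE = "PermitRootLogin no\nPasswordAuthentication no\nX11Forwarding yes\n"
DRIFTED = "PermitRootLogin yes\nPasswordAuthentication no\nX11Forwarding yes\n"

# Hypothetical hardening policy: test id -> (setting, required value).
POLICY = {"ssh-1": ("PermitRootLogin", "no"),
          "ssh-2": ("PasswordAuthentication", "no"),
          "ssh-3": ("X11Forwarding", "no")}
# Documented waiver (hypothetical): test id -> recorded justification.
WAIVERS = {"ssh-3": "X11 needed by legacy admin tool"}

def digest(text):
    """Content hash used to detect that a monitored file changed."""
    return hashlib.sha256(text.encode()).hexdigest()

def parse(text):
    """Parse 'Key value' lines, skipping blanks and comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(" ")
            settings[key] = value.strip()
    return settings

def assess(text):
    """Run every policy test; a missing setting fails, a waived failure is 'waived'."""
    settings, results = parse(text), {}
    for test_id, (key, required) in POLICY.items():
        if settings.get(key) == required:
            results[test_id] = "pass"
        else:
            results[test_id] = "waived" if test_id in WAIVERS else "fail"
    return results

def on_change(old_text, new_text, old_results):
    """Re-assess only when the hash changed; return new results and transitions."""
    if digest(old_text) == digest(new_text):
        return old_results, []                      # unchanged: no re-assessment
    new_results, events = assess(new_text), []
    for test_id, state in new_results.items():
        before = old_results.get(test_id)
        if before == "pass" and state == "fail":
            events.append(("ALERT", test_id))       # passing -> failing
        elif before == "fail" and state == "pass":
            events.append(("REMEDIATED", test_id))  # failing -> passing
    return new_results, events
```

Waived tests stay visible in the results as "waived" rather than being dropped, so the exception remains documented alongside the passing and failing tests.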