From the course: OWASP Top 10: #5 Security Misconfiguration and #6 Vulnerable and Outdated Components
Prevention technique #1: Repeatable hardening
- [Instructor] What does the word Hardening mean when it comes to application security? Hardening a web application means identifying all of the various components and adjusting the configurations of those components to a more secure setting. A hardening standard is a document that provides instructions on how to do this for a particular type of technology. Hardening standards exist for browsers, operating systems, server software, visualization platforms, cloud providers, mobile devices, network devices, desktop software, and even multi-function print devices. CIS, the Center for Internet Security, provides dozens of these standards, which they call benchmarks. These are developed by a community of tens of thousands of volunteer cybersecurity professionals with experience in academia, government, and industry. It's a truly amazing project. Let's take a look at the CIS Benchmark for Amazon Web Services. First of all, it's 215…
Contents
- What is security misconfiguration? (3m 12s)
- Example #1: 2020 SolarWinds data breach (3m 47s)
- Example #2: State of Pentesting Report (2m 20s)
- Prevention technique #1: Repeatable hardening (3m 16s)
- Prevention technique #2: Minimal platform (3m 7s)
- Prevention technique #3: Configuration review (2m 54s)