15 matches found
Evaluating the Reliability of Multiple Large Language Models in Risk Assessment: A CIS Controls Based Approach
Proper implementation of technical and administrative controls reinforces an organization's cybersecurity posture and business resilience, reduces risks, and enhances governance, ultimately elevating business maturity. The dynamics of the technological landscape and emerging threats negatively...
Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth: many of...
Linux: KexAlgorithms
Key exchange is any method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm. If the sender and receiver wish to exchange encrypted messages, each must be equipped to encrypt messages to be sent and decrypt messages received...
Linux: IP Forwarding
The net.ipv4.ipforward and net.ipv6.conf.all.forwarding flags are used to tell the system whether it can forward packets or not. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Microsoft Windows Firewall: Private: Inbound connections
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Windows Firewall: Private: Logging: Log successful connections
This setting specifies logging when Windows Firewall with Advanced Security allows an inbound connection. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Windows Firewall: Private: Logging: Size limit (KB)
This setting specifies the size limit of the file in which Windows Firewall will write its log information. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Windows Firewall: Public: Logging: Log successful connections
This setting specifies logging when Windows Firewall with Advanced Security allows an inbound connection. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Windows: MSS: (AutoAdminLogon) Enable Automatic Logon
This test checks the setting for policy SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109313";...
Microsoft Windows: User Account Control: Run all administrators in Admin Approval Mode
This policy setting determines the behavior of all User Account Control UAC policies for the entire system. This is the setting that turns UAC on or off. C Microsoft Corporation 2017. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, an...
Windows Defender Firewall: Public Profile: Apply local connection security rules
The policy determines whether the local connection rules are merged with GP settings when connected to a public network. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Implementing the CIS 20 Critical Security Controls: Make Your InfoSec Foundation Rock Solid
For almost 10 years, thousands of organizations eager to solidify their security and compliance foundations have found clarity and direction in the the Center for Internet Security’s Critical Security Controls CSCs. This structured set of 20 foundational InfoSec best practices, first published in...
Implementing the CIS 20 Critical Security Controls: Delving into More Sophisticated Techniques
Corden Pharma needed a standardized security program to meet customer requirements. Link3 Technologies wanted to prioritize its network security improvements. Telenet was looking for a road map to implement its ISO-27000 compliance program. These three companies — a German pharmaceutical contract...
Implementing the CIS 20 Critical Security Controls: Building Upon Foundational Cyber Hygiene
Most successful cyber attacks exploit known vulnerabilities for which patches are available, or take advantage of weak configuration settings that could have been easily hardened. You can significantly lower the risk of being victimized by this type of common, preventable attack by adopting the...
Using CIS Controls To Stop Your Network From Falling in With the Wrong Crowd
Earlier this month Kyle Flaherty wrote a post on the Rapid7 Community Blog about how Rapid7 came out on top for coverage of the Center for Internet Security CIS Top 20 Security Controls. In light of recent DDoS events Id like to take a little time to discuss at a high level what the controls are,...