- AT&T Cybersecurity – Free and Commercial Tools to Implement the CIS Security Controls, Part 10 & 11: Secure Configurations & Control for Network
This article lists free and commercial tools that a company can use to help comply with CIS Controls 10 and 11.
- Canadian Centre for Cyber Security – Guidance for Hardening Microsoft Windows 10 Enterprise
This document provides guidance on Microsoft security features and tools that can be used to harden Windows 10 Enterprise Edition.
- Center for Internet Security – Benchmarks
This is a summary page for the 140+ configuration guidelines for various technology groups to safeguard systems developed by CIS.
- Center for Internet Security – Hardened Images
CIS Hardened Images are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud.
- CSO – Whitelisting explained: How it works and where it fits in a security program
This article provides a description of the cybersecurity practice of whitelisting in terms of implementation, while weighing benefits and challenges.
- Department of Homeland Security – Application Whitelisting (AWL): Strategic Planning Guide
This document highlights and summarizes the types of choices, and the related decisions, that need to be made prior to starting the planning process.
- Digital Guardian – What is Application Whitelisting? An Application Whitelisting Definition
This article defines application whitelisting and describes how application whitelisting works.
- DISA – Security Technical Implementation Guide (STIG)
The Security Technical Implementation Guides (STIGs) are the configuration standards for DOD IA and IA-enabled devices/systems. The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.
- Microsoft – Secure Boot
This Microsoft support document provides general information and guidance for Secure Boot in Windows operating systems.
- Microsoft – Trusted Platform Module Technology Overview
This Microsoft support document provides an overview of and guidance for Trusted Platform Modules and how they are used for access control and authentication.
- National Checklist Program Repository
The National Checklist Program (NCP), defined by NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low-level guidance on setting the security configuration of operating systems and applications.
- NIST – Roots of Trust Project
NIST resource list providing guidelines on BIOS integrity and protection.
- NIST SP 800-53: PE-17 Alternate Work Site
NIST resource that defines requirements for implementation and assessment of security controls at alternate work sites, for example government facilities or the private residences of employees.
- NIST SP 800-53: SI-7 Software, Firmware, and Information Integrity
NIST resource that defines the requirements for employing integrity verification tools to detect unauthorized changes to software, firmware, and information.
- Perception Point – System Hardening Guidelines for 2022: Critical Best Practices
Best practices for implementing hardened configurations on servers, OS, software, network, and databases.
- Red Hat – Securing Red Hat Enterprise Linux 8
This is a security hardening guide for Red Hat Enterprise Linux 8, developed by Red Hat, Inc.
- SANS – Router and Switch Security Policy
This is a router and switch security policy provided by SANS. This document serves as an example of the minimum requirements for security configuration for routers and switches.
- Splunk – Assess and Implement Critical Security Control #3
This is a presentation from a Splunk Conference on how to use Splunk to assess and implement critical security control #3, which is secure configurations for hardware and software.
- The University of Texas at Austin Information Security Office – System Hardening Guides
This link provides various system hardening guides used by the University of Texas at Austin.
- VMware – What is Network Infrastructure Security?
Network Infrastructure Security, typically applied to enterprise IT environments, is a process of protecting the underlying networking infrastructure by installing preventative measures to deny unauthorized access, modification, deletion, and theft of resources and data.
- YouTube – Secure Configuration for Hardware and Software
This is a video from CIS that covers secure configurations for hardware and software.