cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Nolsie
Newcomer I

CIS Database Controls

Good Day All,

 

Does anybody have a condensed view or resource that details specific CIS controls for hardening databases ? I have looked through the 20 downloadable controls from the CIS site, and mention of database hardening only mentions using standard templates, not much by the way of detail. so has anybody been able to expand upon this ?

 

Many Thanks

 

 

Paul 

3 Replies
Nolsie
Newcomer I

Found a much more in depth resource within the CIS Benchmarks area of their site, so all good.

 

emb021
Advocate I

Yes, their Benchmarks are the hardened baselines they speak of.  Have them for most OSs, Cloud, and DBs.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Cousy14
Newcomer II

The DB benchmarks are available online in .pdf format. You can also access the baselines in Word or Excel format by using the CIS SecureSuite (free for government agencies). The SecureSuite also has pre-hardened images that are compliant with the associated security benchmark (at least they have images for operating systems, not sure about DBs). 

 

https://www.cisecurity.org/cis-securesuite/