Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Nolsie
Newcomer I
‎03-20-2019 07:17 AM
‎03-20-2019 07:17 AM

CIS Database Controls

Good Day All,

 

Does anybody have a condensed view or resource that details specific CIS controls for hardening databases ? I have looked through the 20 downloadable controls from the CIS site, and mention of database hardening only mentions using standard templates, not much by the way of detail. so has anybody been able to expand upon this ?

 

Many Thanks

 

 

Paul 

Reply
0 Kudos
3 Replies
Nolsie
Newcomer I
‎03-20-2019 07:29 AM
‎03-20-2019 07:29 AM

Found a much more in depth resource within the CIS Benchmarks area of their site, so all good.

 

Reply
0 Kudos
emb021
Advocate I
‎03-20-2019 09:57 AM
‎03-20-2019 09:57 AM

Yes, their Benchmarks are the hardened baselines they speak of.  Have them for most OSs, Cloud, and DBs.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
Cousy14
Newcomer II
‎03-20-2019 10:25 AM
‎03-20-2019 10:25 AM

The DB benchmarks are available online in .pdf format. You can also access the baselines in Word or Excel format by using the CIS SecureSuite (free for government agencies). The SecureSuite also has pre-hardened images that are compliant with the associated security benchmark (at least they have images for operating systems, not sure about DBs). 

 

https://www.cisecurity.org/cis-securesuite/

Reply
0 Kudos