cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Newcomer I

CIS Database Controls

Good Day All,

 

Does anybody have a condensed view or resource that details specific CIS controls for hardening databases ? I have looked through the 20 downloadable controls from the CIS site, and mention of database hardening only mentions using standard templates, not much by the way of detail. so has anybody been able to expand upon this ?

 

Many Thanks

 

 

Paul 

1 Solution

Accepted Solutions
Newcomer I

Re: CIS Database Controls

Found a much more in depth resource within the CIS Benchmarks area of their site, so all good.

 

3 Replies
Newcomer I

Re: CIS Database Controls

Found a much more in depth resource within the CIS Benchmarks area of their site, so all good.

 

Contributor II

Re: CIS Database Controls

Yes, their Benchmarks are the hardened baselines they speak of.  Have them for most OSs, Cloud, and DBs.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, GSLC, GSTRT, ISSA Fellow
Newcomer II

Re: CIS Database Controls

The DB benchmarks are available online in .pdf format. You can also access the baselines in Word or Excel format by using the CIS SecureSuite (free for government agencies). The SecureSuite also has pre-hardened images that are compliant with the associated security benchmark (at least they have images for operating systems, not sure about DBs). 

 

https://www.cisecurity.org/cis-securesuite/