Does anybody have a condensed view or resource that details specific CIS controls for hardening databases ? I have looked through the 20 downloadable controls from the CIS site, and mention of database hardening only mentions using standard templates, not much by the way of detail. so has anybody been able to expand upon this ?
The DB benchmarks are available online in .pdf format. You can also access the baselines in Word or Excel format by using the CIS SecureSuite (free for government agencies). The SecureSuite also has pre-hardened images that are compliant with the associated security benchmark (at least they have images for operating systems, not sure about DBs).