filmov
tv
Automated Security Hardening for Ubuntu Server
Показать описание
Today, I am looking at a set of security scripts, which harden Ubuntu Server (20.04 or 22.04). Hardening is the process to change the system configuration in order to meet the basic set of compliance standards. In this example we will receive our compliance information from lynis, CIS and the DISA STIG. There are several things to discuss before jumping into the video.
WARNING: Never try a new automation script on production servers without first testing it in a controlled lab on test equipment! - you have been warned
First, how do we know what we need to change on our systems in order to bring it into compliance with various agency and regulatory standards. The first is the tool set provided by:
Second, Once we have applied the changes to our system, how do we know we have met the standards we are trying to comply with?
Security Content Automation Protocol (SCAP) is a method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation. SCAP comprises numerous open security standards, as well as applications which use these standards to check systems for vulnerabilities and misconfigurations.
One of the compliance files is called a STIG or A Security Technical Implementation Guide is a configuration standard consisting of cybersecurity requirements for a specific product. These are usually crafted for a specific operating system and version such as Ubuntu 20.04, RedHat 8, etc.
00:00 - Intro
00:28 - Preparations
01:31 - Setup the Server
09:38 - validating the changes
11:17 - Running a few tests (768)
14:46 - OpenSCAP Run
16:19 - SCAP Analysis
21:17 - Final Thoughts
22:12 - Outro
Follow me:
Twitter @djware55
Licensed under Creative Commons: By Attribution 4.0 License
Licensed under Creative Commons: By Attribution 4.0 License
Werq by Kevin MacLeod
Industrial Cinematic by Kevin MacLeod
Music Used in this video
Licensed under Creative Commons: By Attribution 3.0 License
#Infosec #SCAP #STIG
WARNING: Never try a new automation script on production servers without first testing it in a controlled lab on test equipment! - you have been warned
First, how do we know what we need to change on our systems in order to bring it into compliance with various agency and regulatory standards. The first is the tool set provided by:
Second, Once we have applied the changes to our system, how do we know we have met the standards we are trying to comply with?
Security Content Automation Protocol (SCAP) is a method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation. SCAP comprises numerous open security standards, as well as applications which use these standards to check systems for vulnerabilities and misconfigurations.
One of the compliance files is called a STIG or A Security Technical Implementation Guide is a configuration standard consisting of cybersecurity requirements for a specific product. These are usually crafted for a specific operating system and version such as Ubuntu 20.04, RedHat 8, etc.
00:00 - Intro
00:28 - Preparations
01:31 - Setup the Server
09:38 - validating the changes
11:17 - Running a few tests (768)
14:46 - OpenSCAP Run
16:19 - SCAP Analysis
21:17 - Final Thoughts
22:12 - Outro
Follow me:
Twitter @djware55
Licensed under Creative Commons: By Attribution 4.0 License
Licensed under Creative Commons: By Attribution 4.0 License
Werq by Kevin MacLeod
Industrial Cinematic by Kevin MacLeod
Music Used in this video
Licensed under Creative Commons: By Attribution 3.0 License
#Infosec #SCAP #STIG
0:22:35
Automated Security Hardening for Ubuntu Server
0:13:45
Strengthening Security: Automating CIS Benchmark Hardening for RHEL 9 with Ansible
0:09:12
Automate CIS Compliance on Ubuntu with USG Tool
0:47:54
STIG hardening on Ubuntu 22.04 with Ubuntu Security Guide
0:08:06
Configure and apply hardening rules in minutes with Ubuntu CIS Benchmark tooling
0:23:15
5 Steps to Secure Linux (protect from hackers)
0:18:58
The COMPLETE Linux Hardening, Privacy & Security Guide!
0:17:26
Quick tips to improve Linux Security on your desktop, laptop, or server (hardening for beginners)
0:22:48
10 Tips for Hardening your Linux Servers
0:08:40
DISA-STIG Hardening on Ubuntu Pro 20.04
0:09:05
Linux Server Hardening and Checklist
0:11:36
Linux Hardening with OpenSCAP -Security Content Automation Protocol
0:07:34
10 Basic Ways to Secure Ubuntu from Hackers
0:20:38
How To Protect Your Linux Server From Hackers!
0:09:44
The Biggest Linux Security Mistakes
0:04:49
CIS Benchmark Testing: Linux Hardening - Omar Santos
0:07:30
How to harden Red Hat Enterprise Linux (RHEL) to the CIS benchmark using Ansible
0:16:19
Automating Audit CIS Benchmark Hardening for RHEL 9 with Ansible
0:16:07
Ubuntu 24.04: How to Automate Updates with Unattended Upgrades
0:32:12
Automated Security Hardening with OpenStack-Ansible
0:18:49
Hardening Access to Your Server | Linux Security Tutorial
0:30:39
How to protect Linux from Hackers // My server security strategy!
0:04:22
Mastering Linux Security and Hardening Third Edition
0:12:39
Avoid kubernetes security risks with hardening best practices
Комментарии