Consistent Security Controls through CIS Benchmarks - Martin White
The Center for Internet Security is a non-profit, consensus-driven organization serving the Internet community by providing free security standards across a range of platforms.
As author of the CIS JUNOS benchmarks, I will cover how to use Benchmarks and pre-hardened images for a consistent security posture.
With the ever-increasing pace of change in the infrastructures we manage and a bewildering array of options on every network device, host, server, VM and cloud provider, providing and auditing a consistent security posture and configuration hardening has never been more vital, or more difficult.
There are just _too many_ choices to make and none of us has the time to be expert enough across all of these platforms to make every choice, so many basic security measures are not set.
This is where Center for Internet Security Benchmarks can help. Each CIS Benchmark is written by experts on the individual platform with a view to implementing key CIS Controls, and verified through a consensus process led by a strong membership community, often with input from the vendor.
Benchmarks provide a consistent starting point, with each individual recommendation explained and both configuration and audit processes described.
In the talk we will discuss:
* What is the Center for Internet Security?
* What are CIS Controls?
* What are CIS Benchmarks?
* Level 1 and Level 2 Recommendations
* Look at some example recommendations from the Juniper and AWS benchmarks
* Options for Auditing CIS Benchmarks
* Introducing CIS Pre-Hardened Images on AWS, Google Cloud and Azure
* How can you get involved with CIS?