These playbooks apply the CIS benchmarks, very very useful for compliance. I use them at $dayjob to ...

Spivak • yesterday at 8:58 PM • 2 replies • view on HN

These playbooks apply the CIS benchmarks, very very useful for compliance. I use them at $dayjob to build our base AMIs.

As for whether they actually harden your servers, that's up for you to decide if you think that CIS actually helps. It certainly does reduce attack surface.

Replies

hackernudes • yesterday at 10:05 PM

Context: https://www.cisecurity.org/cis-benchmarks, https://www.cisecurity.org/about-us

"""The CIS Benchmarks® are prescriptive configuration recommendations for more than 25+ vendor product families. They represent the consensus-based effort of cybersecurity experts globally to help you protect your systems against threats more confidently."""

wingmanjd • yesterday at 9:21 PM

At my $DAYJOB, we have a bunch in-house saltstack states for applying the CIS benchmarks for Ubuntu, Debian, and CentOS. I never looked into it, but I always wondered if I'd be allowed to publish them publicly.

➕ show 1 reply

alt Hacker News

Replies