Secure the Deployment Environment
ensure the underlying infrastructure is secure. One of the most important aspects of securing the deployment environment is to ensure that the underlying infrastructure is secure. This includes securing the operating system, network, and other components that make up the deployment environment.
Thankfully they what are called benchmarks which allow an automated method to secure the environment.
The Center for Internet Security (CIS) has developed a set of benchmarks that provide guidance on how to secure various components of the deployment environment.
Secure the OS/ Vm / COntainer
These benchmarks are available for a wide range of operating systems, applications, and devices. By following these benchmarks, you can ensure that your deployment environment is secure and that you are following best practices for security. You can find the CIS benchmarks at https://www.cisecurity.org/cis-benchmarks/. Provided your OS is mainstream you can use the CIS-CAT tool to automate the process of securing your deployment environment. The CIS-CAT tool is a free tool that can be used to assess the security of your deployment environment against the CIS benchmarks.
Secure the Application
In addition to securing the deployment environment, it is also important to secure the application itself. This includes ensuring that the application is developed using secure coding practices, that it is tested for security vulnerabilities, and that it is configured securely. The CIS has also developed benchmarks for securing applications, which provide guidance on how to secure various aspects of an application. Sorry no automation for this tool but a very thorough guide can be found at https://www.cisecurity.org/cis-benchmarks/.
In later articles I will go into more detail on how to the wazuh with specifics, but If i delve into all granular controls I use that would be bad operational security.