Category Archives: CIS

CIS SECURITY BENCHMARKS

The CIS Security Benchmarks provide a good starting point for hardening your servers and applications.

The latest CIS Security Benchmarks can be downloaded here.

You can browse the available security Benchmarks here

Hardening VMware

References used to harden and audit Vmware

Continue reading →

WINDOWS

References used to develop Nessus Auditfiles for Windows :

Continue reading →

RED HAT ENTERPRISE LINUX

Resources used for creating custom Nessus Auditfile for Red Hat Enterprise:

Continue reading →

‘for loop’ in a Linux Nessus audit file

I’m working on a custom Linux auditfile with Oracle checks.
I want this audit file to be generic, so no hardcoded instance names in the auditfile.

Continue reading →

Performing MS SQL Audit with Nessus

Issue

The default Nessus\CIS auditfiles for MS SQL are split up in OS level and Database level auditfiles. This results in at-least 2 auditfile per instance which you have to schedule in 2 jobs.
This is not a scalable solution. Continue reading →