Matthew J. Harmon: Minneapolis, Minnesota, États-Unis, Earth

Action and Adventure on the High Seas of Information Security

Reduce your Attack Surface

Apr 05, 2014, Posted in infosec, 60sec

Every added device or installed software increases your attack surface.

  • Adding software or devices to your environment increases your attack surface as they must be maintained and monitored.
  • "Now you have two problems, the inital one and now this new thing that must be maintained, will you get another third product to maintain these two, next?"
  • Disable all features that aren't absolutely necessary and then add only as needed.

Start with a clean baseline

  • Spend your time upfront building and documenting a baseline image containing all the necessary configurations up front for your workstations and servers and use it going forward. It will save you time when building new systems and it will provide you a configuration repository that you can easily reference later.
  • Your baseline should include all of the necesary components to get your {workstation, server} live.
    • Operating System Installed and Updated
    • Client and Server Applications Installed
    • Unnecssary services disabled
    • Verified Configurations (NIST, CIS)
    • Automation Applied (Ansible, Puppet, Chef)
    • Backups Configured
    • Data Stores Tested
    • Functionality Tested
  • By putting forth the effort up front, you significantly reduce your attack surface and separate your production environment from the slap-dash throw it together quick of days gone by.
Matthew J. Harmon
Matthew J. Harmon -

Passionate security researcher, entrepreneur, consultant. Owner, founder, maker, mentor, teacher.

Loading Google+ Comments ...