Login
    Contents x
    Secure Configuration
    • 21 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    Secure Configuration

    • Updated on 21 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    WHAT IS SECURE CONFIGURATION AND WHY IS IT IMPORTANT?

    Secure Configuration is the process of establishing specifications, called configuration baselines, for system types (e.g., operating systems, databases, network devices), configuring systems to those baselines before deploying them, and then periodically reviewing systems to ensure that the settings in the baselines remain in place. To monitor compliance with configuration baselines, organizations use scanning solutions that assess devices to ensure that required security settings are configured as expected. These solutions identify deviations from the baseline that need to be remediated.

    Secure configuration management reduces vulnerability exposure, i.e., attack surface. By ensuring devices are hardened in compliance with established secure configuration baselines, the risk of system compromise due to known vulnerabilities and weak configurations is reduced. Regular reviews of system configurations help ensure that appropriate security settings remain in place over time.

     

    CONTROLS THIS DASHBOARD REPORTS ON

    This dashboard reports on your organization’s level of compliance with these controls:

    NIST CSF v2.0: Subcategory PR.PS-01 Configuration management practices are established and applied

    PCI-DSS v4.0.1: Requirement 2.2.1 Configuration standards are developed, implemented, and maintained

    CIS CSC v8.1: Control 4 Secure Configuration of Enterprise Assets and Software

     

    PRIMARY KEY PERFORMANCE INDICATOR (KPI)

    The dashboard reports on this Primary KPI:

    Numerator: Count of devices where configuration baselines are implemented to a compliant degree

    Denominator: Count of devices in scope for secure configuration scans

     

    COLUMNS DISPLAYED ON THE DETAIL DASHBOARD

    • Compliance Status
    • Hostname, IP1, Device Type – device information
    • OS Name, OS Version
    • Status, Event Date – configuration scan result, and date of the scan
    • PCI Context – whether the device is in scope for PCI DSS
    • Owner Full Name, Owner Emp Id, Owner Email Address, Owner Job Title - Owner information
    • Manager Employee ID, Manager Full Name, Manager Email Address - Employee's (Owner's) manager
    • Executive VP, Senior VP, VP / Executive Director - Management chain for the Employee
    • Level 5, Level 6 - Additional levels of management for the Employee

     

    OCSF TABLES USED BY THE DASHBOARD

    • Device Inventory Info [5001]
    • User Inventory Info [5003]
    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence