Closed afeld closed 6 years ago
Also, someone mentioned Microsoft EMET - are we still using that?
Microsoft will be deprecating EMET on/before July 31, 2018, and hence related settings have been omitted from the GSA hardening guides published by SecEng (ISE).
Kind regards,
R. Lambardo Richards (ISE-C), CISSP Analyst, Security Engineering Division Office of the Chief Information Security Officer General Services Administration M: 202/344.5599
On Wed, Dec 13, 2017 at 1:30 PM, Aidan Feldman notifications@github.com wrote:
Also, someone mentioned Microsoft EMET https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit
- are we still using that?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/GSA/security-benchmarks/pull/17#issuecomment-351480227, or mute the thread https://github.com/notifications/unsubscribe-auth/AbP0ig6Puwfdk3v-rTn0GFApWu4rU0Bxks5tABexgaJpZM4RA-YU .
@afeld I like to mature this first before we merge.
@jeremy-gillikin Sure. What would that look like? Is it checking things on your side, or want to set up a little time for the two of us to work through it together, or...?
Also, happy to add a big caveat of “THIS LIST IS A WORK-IN-PROGRESS” if that would help. More about giving ourselves and our users a sense of all that’s required for base images than trying to lay out formal requirements.
https://trello.com/c/GtixGfwg/215-as-a-user-i-know-what-security-agents-need-need-to-be-installed-on-connected-to-server-instances
This list came up in a meeting with D2D today, so took a quick pass at it. It will likely grow, and we'll hopefully link to more GSA-specific instructions (where applicable), Ansible roles, example usage, etc. as we go. Want to give us a starting list to iterate on.
Easiest to understand the changes by clicking the paper icon at the top of
Files changed
to see the "rich diff".Thanks!