PR.PS-01.238

Has your organization established and maintained hardened baseline configurations for all systems that enforce security policies and provide only essential capabilities?

Explanation

Hardened baselines are standardized, security-focused configurations that remove unnecessary services, close security gaps, and ensure systems operate with minimal attack surface. These baselines should be thoroughly tested before deployment, regularly updated, and consistently applied across your environment to enforce the principle of least functionality. Evidence could include documentation of your baseline configuration standards, change management records showing baseline updates, automated configuration management reports, or results from compliance scanning tools that verify systems adhere to established baselines.

Implementation Example

Establish, test, deploy, and maintain hardened baselines that enforce the organization's cybersecurity policies and provide only essential capabilities (i.e., principle of least functionality).

ID: PR.PS-01.238

Context

Function: PR: PROTECT
Category: PR.PS: Platform Security
Sub-Category: Configuration management practices are established and applied
