Implementing and validating MITRE D3FEND Countermeasures using Wazuh EDR. Part I: HARDEN — PLATFORM HARDENING

D3FEND TACTIC: Harden.

Technique: Platform Hardening

Files owned by root with open permissions to anyone.
NTFS alternate data streams detected.
Wazuh’s FIM for continuous file permissions monitoring.
Pending restarts after system upgrade.
Installed software, vendor and release.
Installed patches and Hotfixes.
System and Software Vulnerabilities.
Vulnerable packages status.
CIS BENCHMARKS — WINDOWS SERVER 2019
AUDIT RESULT — LEVEL 1 + LEVEL 2 CONTROLS

SOCFortress

SOCFortress is a SaaS company that unifies Observability, Security Monitoring, Threat Intelligence and Security Orchestration, Automation, and Response (SOAR).