Fork me on GitHub

Implementation -> Infrastructure Hardening: Immutable Infrastructure

Risk and Opportunity

Risk: The availability of IT systems might be disturbed due to components failures
Opportunity: Redundancies in the IT systems

Exploit details

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low

Additional Information

Dependencies: Infrastructure as Code, Usage of Semantic Versioning for components like project images
Implementation hints: Remove direct access to infrastructure
OWASP SAMM 2 Mapping: o-environment-management|A|1
ISO27001:2017 Controls Mapping: