Implementation -> Infrastructure Hardening: Usage of security by default for components

Risk and Opportunity

Risk: Components (images, libraries, applications) are not hardened.
Opportunity: Hardening of components is important, especially for base images that other teams build on. Hardening should be performed on the operating system and on the services running inside it (e.g. Nginx or a Java application).

Exploit details

Usefulness: Medium
Required knowledge: High (two disciplines)
Required time: Medium
Required resources (systems): Very Low

Additional Information

Dependencies: Defined build process
Implementation hints: For applications: Check default encoding, managing secrets, crypto, authentication
OWASP SAMM 2 Mapping: o-environment-management|A|1
ISO27001:2017 Controls Mapping:
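As an added example (not part of the DSOMM page or any project it references) for the hardening of services inside a base image and the implementation hints above: a small checker that flags an Nginx server block missing security-by-default settings, run here against a constructed weak config and its hardened form. The directives checked (server_tokens, ssl_protocols, add_header) are real Nginx directives; the checklist itself is an assumption for this example and should be extended to the organisation's own baseline.

```python
"""Check an Nginx config for security-by-default settings a hardened base image should ship."""

# Constructed checklist (assumption for this example): directive -> predicate on its value.
REQUIRED = {
    "server_tokens": lambda v: v == "off",
    "ssl_protocols": lambda v: not ({"SSLv3", "TLSv1", "TLSv1.1"} & set(v.split())),
}
# Response headers every hardened image is expected to add by default.
REQUIRED_HEADERS = {"X-Content-Type-Options", "X-Frame-Options", "Strict-Transport-Security"}

def parse_directives(conf: str) -> dict:
    """Return {directive: [values]} for simple 'name value;' lines; nested blocks are flattened."""
    found = {}
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip().rstrip(";")  # drop comments and trailing ';'
        if not line or line.endswith("{") or line == "}":  # skip block open/close lines
            continue
        name, _, value = line.partition(" ")
        found.setdefault(name, []).append(value.strip())
    return found

def hardening_findings(conf: str) -> list:
    """Return findings as strings; an empty list means the config passes the checklist."""
    directives = parse_directives(conf)
    findings = []
    for name, is_ok in REQUIRED.items():
        values = directives.get(name)
        if not values:
            findings.append(f"missing directive: {name}")
        elif not all(is_ok(v) for v in values):
            findings.append(f"weak value for {name}: {values}")
    present = {v.split()[0] for v in directives.get("add_header", [])}
    for header in sorted(REQUIRED_HEADERS - present):
        findings.append(f"missing add_header: {header}")
    return findings

# Constructed samples: a stock-looking server block and the hardened version of it.
WEAK_CONF = """
server {
    listen 443 ssl;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    location / {
        proxy_pass http://app:8080;
    }
}
"""
HARDENED_CONF = """
server {
    listen 443 ssl;
    server_tokens off;
    ssl_protocols TLSv1.2 TLSv1.3;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Frame-Options "DENY" always;
    add_header Strict-Transport-Security "max-age=31536000" always;
    location / {
        proxy_pass http://app:8080;
    }
}
"""
```

Running such a check in the defined build process (the dependency listed above) fails the image build when a team's overlay removes a hardened default.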