16.7: Use Standard Hardening Configuration Templates for Application Infrastructure
CSF v1.1 References:
PF v1.0 References:
Previous Version:
- Critical Security Controls Version 7.1:
- 18.11: Use Standard Hardening Configuration Templates for Databases
Control Statement
Use standard, industry-recommended hardening configuration templates for application infrastructure components. This includes underlying servers, databases, and web servers, and applies to cloud containers, Platform as a Service (PaaS) components, and SaaS components. Do not allow in-house developed software to weaken configuration hardening.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]