16.7: Use Standard Hardening Configuration Templates for Application Infrastructure

CSF v1.1 References:

PF v1.0 References:

Group:

Previous Version:

Control Statement

Use standard, industry-recommended hardening configuration templates for application infrastructure components. This includes underlying servers, databases, and web servers, and applies to cloud containers, Platform as a Service (PaaS) components, and SaaS components. Do not allow in-house developed software to weaken configuration hardening.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]