We often install applications with factory settings but never bother hardening them properly.  Default passwords, outdated versions, open ports, and insecure services introduce vulnerabilities to your environment.  Begin with an inventory of applications, understand how to secure them, and then move forward with configuration changes to improve your security posture.  Use vendor and industry best practices when securing your applications but remember to thoroughly test the solution and use change management lest we create unintentional denial of service attacks.  Patch applications to the current versions and enable logging and alerting.  Use the principal of least privilege when granting application access.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s