by Josef Weiss
September 17, 2025

Cyber Essentials is a UK government-backed framework designed to help organisations protect themselves against common threats. It provides a basic cyber security foundation that can serve as a stepping stone to a more comprehensive zero-trust approach. Cyber Essentials is built on five key components that, when implemented correctly, can reduce cyber risk. The five key components are:
- Firewalls and Boundary Devices
- Secure Configurations
- Access Control
- Malware Protection
- Patch Management
Tenable has released a series of dashboards that focus on each of the five basic technical controls, which organisations can use to help strengthen their defences against the most common cyber threats.
Misconfigured systems are often easy targets for attackers. The focus of this dashboard is Section 2 - Secure Configurations, which is about ensuring that computers and network devices are set up in the most secure way to reduce vulnerabilities and reduce the organisation's risk of exposure.
Secure Configuration (also called security hygiene) is ensuring that devices and software are configured in the most secure way possible to reduce vulnerabilities and exposure to cyber threats. Unused software or services can introduce exploitable vulnerabilities. Default accounts and passwords are widely known and easy to exploit. The focus of this section applies to: servers, desktop computers, laptops, tablets, thin clients, mobile phones, IaaS, PaaS and SaaS.
A secure configuration is your first line of defense. Default configurations and installations are not always secure. Secure configuration begins with identifying and removing or disabling unnecessary accounts, applications, and services; by doing so, organisations can minimize vulnerabilities.
Components
Compliance Summary - Secure Configuration Compliance Checks - This matrix presents the results of compliance audits to verify the secure configuration of systems,
Security End of Life - By SEoL Date Range - This matrix displays the count of applications that are no longer supported by vendors, assets with unsupported applications, and mitigated assurances of the unsupported applications over different time periods.
Compliance Summary - Top Subnets with Compliance Concerns - This table presents the top Class C subnets with the most compliance concerns.
End of Life Software Detection - This table displays a list of software that is no longer supported by the vendor.
Default Credentials Summary - Default Credentials - This table presents hosts with default account names, default passwords, or default credentials in use.
InfoSec Team - Insecure items, Weaknesses and Default Credentials - This matrix displays host counts based on the type of scan results collected for common security misconfigurations. Security weakness, insecurity, cleartext disclosure, and password concerns are displayed in rows for each of the scanning methods.