The Importance of Configuration Management in Your Security Program When “Everything’s Everywhere, All at Once”

Webinar Registration

The typical organization that has already gone through much of their “digital transformation” knows that they have endpoints in remote locations, infrastructure on-premises and in the cloud, leveraging various types of environments including SaaS applications, virtualization and container technologies, as well as microservices. And when you consider vulnerabilities within every one of these environments that need to be managed, it becomes evident that inventorying vulnerabilities isn’t enough; it’s necessary to ensure each of these environments is securely configured (e.g. “hardened”).

The configuration of assets and operating systems is a powerful preventive control to reduce attack surface. It’s so effective at stopping cyberattacks that MITRE’s ATT&CK Framework points out that a proper configuration can mitigate 37 different threat techniques!

So, what does a properly-implemented Configuration Management program look like and how does it fit within the rest of your cybersecurity program?

In this Real Training for Free session, 4-time Microsoft MVP, Nick Cavalancia, takes my seat as he first discusses how and why Configuration Management fits into a Vulnerability Management program.

Next up, you’ll hear from Devin Krugly, Practice Advisor and Justin Prince, Technical Advisor – both from Rapid7 – as they dive deeper into the topic, breaking down the discipline itself into practical chunks using real-world attack examples. Topics will include:

  • Clarifying and simplifying all the terminology and definitions that have arisen from the hyper diversification of IT environments
  • The role of benchmarks in assessment using Center of Internet Security (CIS) and Defense Information Systems Agency (DISA) that provide technical guides Security Technical Implementation Guides (STIG).
  • Reading through a benchmark
  • Practical guidelines on how to incorporate Configuration Management into the broader attack surface or vuln management program

This Real Training for Free session will be chock full of practical technical detail! Register now!

First Name:   
Last Name:   
Work Email:  
Job Title:  

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.



Upcoming Webinars
    Additional Resources