NIST, CIS & SANS hardening guides for JBOSS, Weblogic, Websphere, IIS

Posted on 2016-07-20
Medium Priority
Last Modified: 2016-07-27
Question by:sunhux
1 Comment
LVL 66

Accepted Solution

btan earned 2000 total points
ID: 41721259
jboss -
there are no published CIS benchmarks for Red Hat JBoss Web Server (Tomcat or Apache). There are CIS benchmarks available for community version of Tomcat 5/6.x and Apache 2.2, however, those reports would not be accurate reflections of the Red Hat JBoss Web Server components.

if it is jboss app server - closer found is nist Checklist Details for JBoss Enterprise Application Platform (EAP) 5.x @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=430

another disa STIG (Red Hat JBoss Enterprise Application Platform (EAP) 6.3 STIG Version 1, Release 1) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/jboss.aspx

Websphere - nist (BEA WebLogic Server 7.0 sp6 Sun JRE 5.0 Update 4 ) Checklist Details for Application Services STIG Checklist Version 1 Release 1.1 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=365

Weblogic - nist Checklist Details for Oracle WebLogic Server 12c STIG Ver 1, Rel 2  @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=670

disa STIG (Oracle WebLogic Server 12c STIG - Ver 1, Rel 2) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/general.aspx

iis - nist version is latest to Checklist Details for CIS Microsoft IIS 8 Benchmark 1.4.0 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=613

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Spectre and Meltdown, how it affects me and my clients?
To share tips on how to stay ALERT and avoid being the next victim - at least not due to your own poor cyber habits and hygiene!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

586 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question