Solved

NIST, CIS & SANS hardening guides for JBOSS, Weblogic, Websphere, IIS

Posted on 2016-07-20
1
673 Views
Last Modified: 2016-07-27
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 41721259
jboss -
there are no published CIS benchmarks for Red Hat JBoss Web Server (Tomcat or Apache). There are CIS benchmarks available for community version of Tomcat 5/6.x and Apache 2.2, however, those reports would not be accurate reflections of the Red Hat JBoss Web Server components.
https://access.redhat.com/solutions/1451973

if it is jboss app server - closer found is nist Checklist Details for JBoss Enterprise Application Platform (EAP) 5.x @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=430

another disa STIG (Red Hat JBoss Enterprise Application Platform (EAP) 6.3 STIG Version 1, Release 1) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/jboss.aspx


Websphere - nist (BEA WebLogic Server 7.0 sp6 Sun JRE 5.0 Update 4 ) Checklist Details for Application Services STIG Checklist Version 1 Release 1.1 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=365


Weblogic - nist Checklist Details for Oracle WebLogic Server 12c STIG Ver 1, Rel 2  @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=670

disa STIG (Oracle WebLogic Server 12c STIG - Ver 1, Rel 2) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/general.aspx


iis - nist version is latest to Checklist Details for CIS Microsoft IIS 8 Benchmark 1.4.0 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=613
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OnPage: Incident management and secure messaging on your smartphone
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question