• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2098
  • Last Modified:

NIST, CIS & SANS hardening guides for JBOSS, Weblogic, Websphere, IIS

0
sunhux
Asked:
sunhux
1 Solution
 
btanExec ConsultantCommented:
jboss -
there are no published CIS benchmarks for Red Hat JBoss Web Server (Tomcat or Apache). There are CIS benchmarks available for community version of Tomcat 5/6.x and Apache 2.2, however, those reports would not be accurate reflections of the Red Hat JBoss Web Server components.
https://access.redhat.com/solutions/1451973

if it is jboss app server - closer found is nist Checklist Details for JBoss Enterprise Application Platform (EAP) 5.x @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=430

another disa STIG (Red Hat JBoss Enterprise Application Platform (EAP) 6.3 STIG Version 1, Release 1) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/jboss.aspx


Websphere - nist (BEA WebLogic Server 7.0 sp6 Sun JRE 5.0 Update 4 ) Checklist Details for Application Services STIG Checklist Version 1 Release 1.1 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=365


Weblogic - nist Checklist Details for Oracle WebLogic Server 12c STIG Ver 1, Rel 2  @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=670

disa STIG (Oracle WebLogic Server 12c STIG - Ver 1, Rel 2) @ http://iase.disa.mil/stigs/app-security/app-servers/Pages/general.aspx


iis - nist version is latest to Checklist Details for CIS Microsoft IIS 8 Benchmark 1.4.0 @ https://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=613
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now