256 KB | 3 files | PDF
Basic guidelines that can be applied to websites to reduce the attack surface or mitigate the effects of a compromise.
Every community organization, corporation, business, or government agency relies on an outward-facing website to provide information about themselves, announce an event, or sell a product or service. Consequently, public facing websites are often the most targeted attack vectors for malicious activity. Web server attacks include:
There are a number of challenges associated with securing a Web server because not only does the operating system need to be secured but so do the associated Web applications and services running on the device. One of the most difficult aspects is often keeping abreast of new and emerging vulnerabilities to both the Operating system and the Web applications as well as keeping those systems patched and up to date.
This TIP provides basic guidelines and security safeguard concepts that can be applied to public facing websites to reduce the attack surface area or mitigate the effects of a compromise.
The attached zip file includes:
The excerpt from chapter three addresses issues that should be considered before you decide to outsource, including security and privacy impacts and secure communication via telephone, email, mobile and smartphones, instant messaging and traditional mail. ... More >>
This publication presents a methodology for assigning authentication strengths based on the strength of pair wise bindings between the five entities involved in smart card based authentications. ... More >>
The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure. ... More >>