Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CalCom

PCI-DSS Requirement 2.2: Server Hardening Standards Guide

Jun 22, 2025 By Ben Balkin In CalCom
The Payment Card Industry Data Security Standard (PCI DSS) is a global initiative that provides a consistent, baseline framework of security measures, facilitating their adoption and implementation. PCI DSS Requirement 2.2 states that System components are configured and managed securely. In this guide, we will provide the necessary background and context to understand and comply with Requirement 2.2.
Read Post
CalCom

Securing SSH on RHEL: 5 Essential Configuration Steps

Jun 9, 2025 By Jonny Gold In CalCom
Linux distributions, such as Red Hat Enterprise Linux (RHEL), dominate the enterprise and cloud computing sectors. One of the many reasons for the success and popularity of Linux is its support of convenient and straightforward remote access protocols, such as Secure Shell (SSH). In the right hands, SSH’s ability to securely access remote servers enables access to any Linux server, regardless of the environment. The problem is that, in the wrong hands, SSH can be a security nightmare.
Read Post
CalCom

What are CIS Benchmarks and how to use them?

Apr 30, 2025 By Ben Balkin In CalCom
A list of 18 procedures (reduced from 20), or “controls,” recommended by the Center for Internet Security (CIS), must be followed to build an IT infrastructure resistant to cyberattacks. The CIS 4th Control advises to establish and maintain a secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications) (4.1).
Read Post
CalCom

Using CIS Hardening Scripts for Windows Server: Benefits and Risks

Apr 28, 2025 By Ben Balkin In CalCom
With each new version of Windows Server released, comes new security risks. Whilst each update enhances functionality for users, it can sometimes come at the cost of new vulnerabilities. The Centre for Internet Security (CIS) Benchmarks serve as a security baseline, helping both individuals and companies implement best practices for a secure configuration.
Read Post
CalCom

Hardening Systems for HIPAA 2025: A Hospital IT Guide to Compliance

Apr 7, 2025 By Ben Balkin In CalCom
The U.S. Department of Health and Human Services (HHS), the governmental body responsible for enforcing and overseeing the Health Insurance Portability and Accountability Act (HIPAA) proposed updates in December 2024, which were added to the Federal Register for comments on January 6th. These updates include changes to the Security Rule, looking to enhance cybersecurity to align with evolving security standards.
Read Post
CalCom

How Hardening is Reflected in the Different NIST Standards

Apr 7, 2025 By Ben Balkin In CalCom
NIST hardening standards and best practices refer to a collection of guidelines and recommended methods created by NIST (National Institute of Standards and Technology). These standards are crafted with the intention of strengthening the security and robustness of information systems. They serve as a structured approach for organizations to fortify their systems against possible security vulnerabilities and the risks associated with them.
Read Post

UNC Path Hardening Quick Knowledge Guide

Mar 18, 2025 By CalCom In CalCom
UNC paths allow Windows systems to access shared network resources, but they can also be a target for cyberattacks if not properly secured. In this video, we break down the Hardened UNC Path policy—a crucial security feature that enforces mutual authentication and integrity checks on critical shares like NETLOGON and SYSVOL. You'll learn: How the Hardened UNC Path policy works Step-by-step setup using Group Policy and registry keys How SMB encryption can add extra security (and its compatibility risks)
View Video
CalCom

CIS Benchmarks Checklist: Is Your Windows Server 2025 Secure?

Feb 2, 2025 By Ben Balkin In CalCom
Windows Server 2025, the latest iteration of Microsoft's flagship server operating system, introducing new features, enhanced performance, and improved security capabilities. However, with these updates come new potential vulnerabilities, bringing with it the need for robust security configurations to protect against evolving threats. This is where benchmarks and hardening practices come into play.
Read Post
CalCom

CIS Controls v8.1: Everything You Need to Know

Jan 14, 2025 By John Gates In CalCom
The Center for Internet Security (CIS) Controls are a prioritized set of Safeguards to mitigate the most common cyber-attacks against systems and networks. The SANS 20 Critical Security Controls, formerly known as the SANS Top 20, is now called the CIS Controls and has been reduced from 20 to 18 Controls since version 8.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.