Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CalCom

Windows Spotlight - Configurations for Your Lock Screen

Windows Spotlight automatically displays a variety of high-resolution lock screen images. These come from various sources, including Bing searches, professional photographers, and Microsoft’s own collection. It's available on Windows Enterprise and Education editions only. The images encompass a variety of subjects from nature scenes, cityscapes, and architectural marvels to keep a fresh login screen.

Password Policy Configuration for Safer Security

A password policy is a set of rules that are usually a part of an organizations security regulations to improve computer security. These policies can be formal regulations or part of security awareness training programs that outline requirements such as minimum length, complexity and unique characters. A password must comply with these password strength rules to be set for an account.

Do not allow anonymous enumeration of SAM accounts

The two policy settings in the CIS Benchmarks control the ability of anonymous users to enumerate the accounts in the Security Accounts Manager (SAM). By enabling the policy settings, users with anonymous connections will not be able to enumerate domain account user names on the systems in your environment.

Act as Part of the Operating System Windows Security Setting

A process in Windows is a program which runs on the system, this can be anything from document editing software to games. The Windows security setting act as part of the operating system grants the capability to a process to assume the identity of any user and then gain access to the resources that the user is authorized to access.

CIS Microsoft Windows Server 2022 Benchmark v1.0.0

In February 2022, the Center for Internet Security (CIS) released the Microsoft Windows Server 2022 Benchmark v1.0.0, which includes over 50 new features, Group Policy Objects (GPOs), capabilities, and services. The document compares Server 2019 and Server 2022 for their similarities and differences, as well as Windows 11 and Windows 10.

Creating symbolic links - Like shortcuts but better

The create symbolic links user right determines the users ability to create a symbolic link within Windows from the device they’re logged on to. These links point to other files or folders, just like regular shortcuts, but works in a more advanced way. Symbolic links help maintain organization and flexibility while minimizing potential security risks by giving the ability to create a link in one folder that points to a file in a different folder, making it seem like the file exists in both places.

Configuring Maximum Security Log Size

Setting the maximum log size for event logs is crucial for your security policy. Proper configuration helps detect attacks and investigate their sources. Insufficient storage can result in information loss and undetected breaches. This article covers everything you need to know about configuring maximum security log size. Server hardening can be labor-intensive and costly, often causing production issues.

How to Automate IIS Hardening Script with PowerShell

IIS hardening can be a time-consuming and challenging process. PowerShell can help you achieve hardened IIS security settings to some extent, but it still requires hours of testing to ensure that nothing is broken. CSS by CalCom can automate the IIS hardening process with its unique ability to “Learn” your network, eliminating the need for lab testing while ensuring zero outages to your production environment.

The Complete System Hardening Guide

System hardening involves identifying and addressing security vulnerabilities across hardware, firmware, software, applications, passwords, and processes. Compatibility allows most applications to work smoothly, but securing a system requires additional steps known as system hardening best practices, which are crucial for protection against advanced threats. Microsoft emphasizes server security and provides comprehensive hardening techniques and best practices tailored to various platforms.

Windows Server 2022 CIS Hardening Script Recommendations

In February 2022, the Center for Internet Security (CIS) released the CIS Microsoft Windows Server 2022 Benchmark v1.0.0, providing security best practices for establishing a secure configuration and hardening guide for Microsoft Windows. For automation of CIS benchmarks, Get in Touch. Following this release, CIS updated their recommendations for older operating systems, extending back to Windows Server 2008 where applicable. Below we discuss CIS Windows server 2022 hardening script we feel are critical.