How much system hardening should you do?

System Hardening When it comes to Linux system hardening there is a lot to do. From the almost book-like CIS benchmarks to following best practices found all over the web. Recently someone new to the field of information security asked me a simple, yet important questions: how much system hardening should you be doing? When is it enough? Since there was no easy answer, I have written down my thoughts to help others in the future. Time and Effort To understand […]

Read more

In-depth Linux Guide to Achieve PCI DSS Compliance and Certification

Linux Guide for PCI DSS Certification, Compliance, and Auditing If you work for a company which accepts, processes or stores credit card details, you might be very familiar with the PCI Data Security Standard (DSS). The standard itself is detailed, yet sometimes unclear on what specifically to implement (and when). This guide will help with translating the PCI standard to technical security controls on Linux systems. It is based on the current version of PCI DSS, which is now version […]

Read more