A BISSaN Hardened Linux Operating System image provides a security focused environment ideal for running web applications, databases and application servers and helps in mitigating common threats such as insufficient authorisation, network & program attack threats. The Operating System is thoroughly scanned, vetting each and every base component within every release leveraging a pool of industry certified security tools. The Operating System is initially stripped from all the unnecessary insecure packages, settings and permissions. The base system is then further tuned, patched and hardened applying security recommendations from leading security industry organisations, standards and governing bodies such as the CIS, ISO, SOC, NIST and BSI to adhere and meet security regulations and compliance. This ensures you have a secure environment to run your application and hit the ground running upscaling your security posture and audit compliance within your organisation. BISSaN images are always up-to-date, secure, and built to work right out of the box.
Stack Tuning, Once the Operating System has been secured it is then tuned to optimise the networking stack with thoroughly tested and benchmarked parameters ensuring the web application, database or application server can run to its most efficient capability with the required memory, process and networking stack throughput.
BISSaN packages images following industry standards, and continuously monitors all components and libraries for vulnerabilities and application updates. When any security threat or update is identified, BISSaN automatically repackages the images and pushes the latest versions to the cloud marketplaces.
Included within the Image (Linux Only):
- Virus Scanner - ability to be executed on an adhoc basis or regular cadence to ensure files and packages are vetted appropriately and eliminate any threats from surfacing
- Shell Command Logger - Logs each and every users shell command executions to “/var/log/secure” for auditing and traceability purposes. Providing the ability to perform forensics and detail investigations in determining the user and the commands executed. Secure logs then be shipped to your favourite SIEM tool for monitoring and auditing purposes as well
- Update default Login Security Banner: /etc/issue.net
VM Creation Min Password Policy
Set the Windows or Linux admin/users password using the password policy below to gain access to the VM.
- Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
- Be at least 14 characters in length
- Contain characters from three of the following four categories:
- English Uppercase characters (A through Z)
- English Lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non-alphabetic characters (for example, !, $, #, %)
- Complexity requirements are enforced when passwords are changed or created.
Recommended: once deployed, any new package that is required should be installed from a reliable source repository and rescanned to validate no new vulnerabilities have been introduced before approving.
Security is not an option but a necessity. Stay ahead of the hack with a BISSaN Security Hardened Operating System.
Securely preconfigured Linux and Windows hardened images are now available to spin up immediately from the Azure, AWS and Google cloud marketplaces by simply searching for BISSaN.