Introducing configuration audits
A configuration audit is an information security procedure where you prepare a baseline configuration, and then compare this with the current configuration to perform a gap analysis, later working on closing those gaps to get as close as possible to the baseline configuration. This process of closing the gaps and achieving a maximum hardened state is called risk or vulnerability mitigation.
Most companies and organizations rely on strong configurations to ensure security in their systems. A well hardened and patched system is a nightmare for a hacker to break into. As many companies opt to move their operations to the cloud, configuration plays a great role in security now more than ever. A simple lapse in a network device, allowing default users to log in, would help a hacker gain access to a whole network in minutes.
A regular application has two major components: the frontend and the backend. The frontend is where the end users access the application as...