Skip to content ↓ | Skip to navigation ↓

To close the gap on attackers and make them less apt to succeed, the SANS 20 Critical Security Controls lists Secure Configuration for systems, servers and end points as a third critical control, and secure configuration for network and security devices as a tenth critical control.

Both controls recommend assessing, prioritizing and putting IT assets under a secure configuration management lifecycle. But what does that mean exactly, who’s responsible for lifecycle, and how can this be executed on a preventative scale without overwhelming the IT group and system users?


Learn from SANS’ configuration and virtualization expert, Dave Shackleford, about what secure configuration management is-and, as importantly, what it is not. In this interactive discussion, Dave and Tripwire’s Michael Thelander will take the pain out of security configuration management through:

  • Prioritizing, discovering and then aligning your efforts to the business
  • Secure hardening that’s flexible to system change requirements while managing work with automation; and then
  • Applying it all over again to virtualized assets

We hope you can join us for an interesting discussion on August 28th. Attendees of this webcast will receive a complimentary white paper published by SANS on this same topic. You can register for this webcast here.

All the best,