System hardening
Baseline hardening configurations help drive consistency in the operational environment and provide assurances that systems are built using approved software—all while minimizing the attack surface for a potential malicious code event to exploit.
Security-approved tools for malicious software detection are default requirements in configuration baselines. These tools provide detection, monitoring, and alerting of potential security events and can prevent malicious code from executing. They include defined integration paths to enterprise monitoring and event management capabilities, allowing the information security team to aggregate events across the environment, invoke incident response actions, and support forensics investigations.