A BISSaN Hardened Windows Server Operating System image provides a security focused environment ideal for running web applications, databases and application servers and helps in mitigating common threats such as insufficient authorisation, network & program attack threats.

The Operating System is thoroughly scanned, vetting each and every base component within every release leveraging a pool of industry certified security auditing tools. The Operating System is initially stripped from all the unnecessary insecure packages, settings and permissions. The base system is then further tuned, patched and hardened applying security recommendations from leading security industry organisations, standards and governing bodies such as the ISO, SOC and NIST to adhere and meet security regulations and compliance. This ensures you have a secure environment to run your application and hit the ground running upscaling your security posture and audit compliance within your organisation.

Stack Tuning: Once the Operating System has been secured it is then tuned to optimise the networking stack with thoroughly tested and benchmarked parameters ensuring the web application, database or application server can run to its most efficient capability with the required memory, process and networking stack throughput.

Included within the Image:

• Virus Scanner - ability to be executed on an adhoc basis or regular cadence to ensure files and packages are vetted appropriately and eliminate threats
• Shell Command Logger - Logs each and every users shell command executions to “/var/log/secure” for auditing and traceability purposes. Providing the ability to perform forensics and detail investigations in determining the user and the commands executed. Secure logs then be shipped to your favourite SIEM tool for monitoring and auditing purposes as well
• Update default Login Security Banner: /etc/issue.net

VM Creation Min Password Policy
Set the admin/users password using the policy below to gain access to the VM.

• Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
• Be at least 14 characters in length
• Contain characters from three of the following four categories:
• English Uppercase characters (A through Z)
• English Lowercase characters (a through z)
• Base 10 digits (0 through 9)
• Non-alphabetic characters (for example, !, $, #, %)

Recommended: Once deployed, any new package that is required should be installed from a reliable source repository and rescanned to validate no new vulnerabilities have been introduced before approving.

Security is not an option but a necessity. Increase your security posture with a BISSaN Security Hardened Operating System.