Security Center Hardening best practices

GovMule
Tera Contributor

Hello,

I've been tasked with working on hardening settings in the Security Center, to ensure we are as compliant as can be. What research or best practices would we need to follow to determine what is affected or associated with a setting when we change it?
We would obviously start in a test instance but didn't just want to go around ticking switches and hoping for the best.
I know you can do a code search in Studio to find any apps associated with non-compliant properties, so I suppose that's a start. Are there any other methods?


jboudi
Tera Contributor

I have had some success looking for the low-risk, high-impact opportunities.

Example: Disable Entity Expansion - This was identified as an ACT configuration issue (high impact) and we were unable to identify if/where we were using this functionality.

We also have robust ATF testing around our business critical functions that we run when there is a potential impact.

I've been able to work my way through most of the ACT configuration issues.