Best practices

What are best practices?

Security best practices are procedures or steps that are considered to be effective measures to reduce risks to systems or environments. They are reached when professionals come to an agreement. In other words, they are consensus-based tips to improve system security.

Most practices are collected in hardening guides or security advisories. These documents are often focusing on technical people as they are responsible for the implementation. At the same time, they can be also very useful for those active in risk management, auditing, or generic security management.

Security tools

The following security tools are linked to best practices and are worth investigating.

  • Lynis (security scanner and compliance auditing tool)
  • OpenSCAP (suite with tools and security data)
  • pshtt (domain scanner for HTTPS usage)