Forum Discussion
IIS hardening with CIS standards - tools and options
Hello IIS experts. Please suggest on best strategy for hardening on-prem IIS farm to CIS standards. I'm also interested in recurring audit of the results. There is a number of commercial products al...
tkonick Hi, would you like to share your useful links? I have the same challenge. BR Jytte
To anyone interested, i ended up using https://github.com/fbprogmbh/Audit-Test-Automation FREE tool to scan and then manually tune IIS until most of the IIS CIS settings were green. It is really good.
If you are ready yo pay you can get a version which is able to harden the settings. It is from the same company - https://www.fb-pro.com/en/
If you are ready yo pay you can get a version which is able to harden the settings. It is from the same company - https://www.fb-pro.com/en/
- And the PDFs you can download from https://workbench.cisecurity.org/ after registering. there is also a forum of CIS experts on https://workbench.cisecurity.org/ one per hardened product. you can try asking your questions there.