Defense & Operations
Configuration Management
Also known as: Config management, CM
Definition
The discipline of establishing, recording, and enforcing the desired state of systems and applications so configurations remain known, consistent, and secure.
Examples
- Terraform definitions enforcing that every S3 bucket has encryption and public-access blocks enabled.
- Ansible playbooks that bring all SSH servers back to the approved CIS Benchmark configuration.
Related terms
Change Management
Structured process to propose, review, approve, schedule, implement, and review changes to IT systems with controlled risk and clear traceability.
System Hardening
Reducing the attack surface of a system by removing unnecessary features, tightening configurations, and enforcing secure defaults.
Security Baseline
A documented, minimum-acceptable security configuration that all systems of a given type must meet before being placed into production.
Asset Management
Security Controls
Safeguards or countermeasures — technical, administrative, or physical — used to prevent, detect, or respond to threats against information assets.
Patch Management
The end-to-end process of identifying, testing, deploying, and verifying software updates that fix vulnerabilities or bugs.