1
00:00:06,390 --> 00:00:07,950
- [Instructor] Before we go over

2
00:00:07,950 --> 00:00:09,890
different web server security tools,

3
00:00:09,890 --> 00:00:12,900
let's go over how to actually secure web servers

4
00:00:12,900 --> 00:00:14,370
from the beginning, right?

5
00:00:14,370 --> 00:00:16,420
Definitely harden before you deploy.

6
00:00:16,420 --> 00:00:18,200
Exercise good patch management

7
00:00:18,200 --> 00:00:21,580
as we were just discussing a few minutes ago.

8
00:00:21,580 --> 00:00:24,170
Disable unneeded services

9
00:00:24,170 --> 00:00:27,700
that will definitely increase the attack surface

10
00:00:27,700 --> 00:00:29,100
of a web server.

11
00:00:29,100 --> 00:00:32,650
Lock down the file system, the underlying file system.

12
00:00:32,650 --> 00:00:36,900
Log and audit, and not only audit, but monitor, right?

13
00:00:36,900 --> 00:00:40,500
Definitely perform ongoing scanning for vulnerabilities

14
00:00:40,500 --> 00:00:42,610
as we were actually mentioning before.

15
00:00:42,610 --> 00:00:47,610
And that is actually part of a good patch management program

16
00:00:47,910 --> 00:00:49,830
within your organization.

17
00:00:49,830 --> 00:00:53,270
And lastly but definitely not least important

18
00:00:53,270 --> 00:00:55,900
is automating backups.

19
00:00:55,900 --> 00:00:59,010
Whether you have your web service

20
00:00:59,010 --> 00:01:03,260
or your web application on-premise or in the cloud.

21
00:01:03,260 --> 00:01:07,360
Now talking about on-premises and cloud web applications,

22
00:01:07,360 --> 00:01:10,850
there are different web server security tools

23
00:01:10,850 --> 00:01:15,640
that apply to both on-premises and cloud web applications.

24
00:01:15,640 --> 00:01:20,150
And definitely the most popular probably by far,

25
00:01:20,150 --> 00:01:22,500
is the Web Application Firewall

26
00:01:22,500 --> 00:01:25,930
that can be deployed either in a data center

27
00:01:25,930 --> 00:01:30,000
right in front of your web services, and web applications,

28
00:01:30,000 --> 00:01:31,580
and in the cloud, right?

29
00:01:31,580 --> 00:01:34,950
Many, many different cloud providers offer

30
00:01:34,950 --> 00:01:36,650
a Web Application Firewall

31
00:01:36,650 --> 00:01:40,680
or they can allow you through their marketplace

32
00:01:40,680 --> 00:01:44,790
to install third-party Web Application Firewalls as well.

33
00:01:44,790 --> 00:01:47,250
Now definitely in the cloud,

34
00:01:47,250 --> 00:01:51,370
you should practice a lot of auditing, logging

35
00:01:51,370 --> 00:01:53,960
and then monitoring those logs.

36
00:01:53,960 --> 00:01:55,510
And there's several tools out there

37
00:01:55,510 --> 00:01:56,840
that allows you to do that.

38
00:01:56,840 --> 00:01:58,920
So cloud security monitoring tools

39
00:01:58,920 --> 00:02:01,230
is definitely one on the list in here.

40
00:02:01,230 --> 00:02:02,680
And lastly but not least,

41
00:02:02,680 --> 00:02:06,340
the Endpoint Detection and Response for servers.

42
00:02:06,340 --> 00:02:07,240
And if you're familiar

43
00:02:07,240 --> 00:02:10,410
with Endpoint Detection and Response or EDR,

44
00:02:10,410 --> 00:02:13,300
and there're plenty of different names

45
00:02:13,300 --> 00:02:14,460
for the same solution,

46
00:02:14,460 --> 00:02:16,000
basically at the end of the day,

47
00:02:16,000 --> 00:02:20,390
it's an agent that you install either in an endpoint,

48
00:02:20,390 --> 00:02:24,850
in other words, in a user endpoint or in a server.

49
00:02:24,850 --> 00:02:27,490
So in this case, in a web server as well.

50
00:02:27,490 --> 00:02:30,890
So these are some of the most common

51
00:02:30,890 --> 00:02:33,193
web server security tools.