BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.cfgmgmtcamp.org//FJXMVG
BEGIN:VTIMEZONE
TZID:Europe/Brussels
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2024-FJXMVG@cfp.cfgmgmtcamp.org
DTSTART;TZID=Europe/Brussels:20240206T140000
DTEND;TZID=Europe/Brussels:20240206T145000
DESCRIPTION:New standards are constantly appearing and must be applied to a
  larger number of systems. Sometimes with very little time available from 
 the law to the actual enforcement.\nApplying standards on a clean state is
  in itself a difficult task. But when it’s on existing infrastructures\,
  it gets very complex with potentially a lot of divergences to identify an
 d exceptions to be made.\nThere are plenty of existing solutions. But they
  are often either one-size-fits-all\, or they can audit but not remediate\
 , or they cannot be consolidated over all the IT. \nIn this talk\, I will 
 present how we implemented a CIS Server benchmarks on an existing infrastr
 ucture using Rudder. It starts from the reference Excel Benchmarks from CI
 S  to finish by the implementation of every control point\, with default v
 alues and mixed audit and remediation mode. It concludes by showing how ha
 ving a graphical interface makes the reporting to relevant stakeholders he
 lpful.\nThis implementation involves a lot of YAML\, some KCL to generate 
 even more YAML\, and unfortunately some bash scripts…
DTSTAMP:20260309T205228Z
LOCATION:B.2.015
SUMMARY:Hardening systems: from a benchmark guide to meaningful compliance 
 - Nicolas CHARLES
URL:https://cfp.cfgmgmtcamp.org/2024/talk/FJXMVG/
END:VEVENT
END:VCALENDAR