Understanding Baselines and Deviations - PAS Integrity Software Suite - 7.3 - Help - Intergraph

Integrity User Guide

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Help
PAS Version
7.3

It is very difficult to manage all changes to all products at all times. Managing the most important or most critical products and settings is the basis of baseline management.

A baseline is an accepted description of the attributes of one or more selected products, at a point in time, which serves as a standard and a basis for defining change. Baseline management is a way to reduce or eliminate security gaps resulting from assets that are not properly configured. These gaps occur when baseline changes are not documented, when required changes, such as security patches, are not implemented, and when configuration change mandates are not implemented on one or more assets. Security gaps are vulnerabilities that can be exploited.

To mitigate these vulnerabilities, you must periodically retrieve the configuration information of an item and compare it to the baseline. If no changes have occurred, no action is required. If one or more changes have occurred, the changes must be assessed, verified, and documented or rolled-back to the baseline configuration. For more information about baselines and deviations, see the following topics: