Recognizing our joint role in fostering best practices in Cybersecurity, we wanted to make everyone aware of the attached NSA/CSS guidelines for "Hardening Deployed Web Applications."
We encourage you to share these guidelines with the department that is responsible for implementing your institution's Information Assurance security plan. Any additional questions concerning these guidelines can be addressed to Industry Inquiries at 410-854-6091 or niasc@nsa.gov.
In case you are not aware, the NSA Information Assurance Directorate (IAD) provides updated security guidance on various topics. These can be found at http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/index.shtml by selecting the various tabs along the left hand side.
Regards,
The CAE Team!
AskCAEIAE@nsa.gov