Overview
The term baseline security is used in various contexts with somewhat different meanings. For example:
- Microsoft Baseline Security Analyzer: Software tool focused on Microsoft operating system and services security
- Cisco security baseline: Vendor recommendation focused on network and network device security controls
- Nortel baseline security: Set of requirements and best practices with a focus on network operators
- ISO/IEC 13335-3 defines a baseline approach to risk management. This standard has been replaced by ISO/IEC 27005, but the baseline approach was not taken over yet into the 2700x series.
- There are numerous internal baseline security policies for organizations,
- The German FSI has a comprehensive baseline security standard, that is evolving towards ISO 27000
Read more about this topic: IT Baseline Protection