Compliance scanning or hardening scans
It is also important to note what hardening scans are and what value they could bring to the blue team. Typically, the blue team would be tasked to write and enforce policies around the right level of hardening for every IT asset in the organization. This would include operating systems, network devices, databases, and so on. The blue team may even refer to the Center for Internet Security (CIS) benchmarks for industry best practices. The CIS is a nonprofit entity whose mission is to identify, develop, validate, promote, and sustain best practice solutions for cyber defense.
Once these standards are properly enforced, the blue team should run regular checks to determine compliance with those standards. This helps ensure security hardening is enforced right at the onset of the deployment of a new IT asset. Among other controls, this must include ensuring any default credentials on the IT asset are secured and any unused port on the system is...