Configuration Baseline
1-minute read
What it is
A configuration baseline is an approved snapshot of system or application settings that represents a secure, compliant state. It is used as a reference to detect unauthorised or risky configuration changes.
Configuration baselines document how services should be configured, including enabled services, network rules, authentication methods, and security features. They are often enforced using automation tools and continuous monitoring.
Why it matters
Misconfigurations are one of the most common causes of data exposure and cloud security incidents. Without a configuration baseline, changes can introduce risk without being detected.
How to reduce risk
- Establish configuration baselines for critical systems and cloud resources
- Continuously monitor for deviations from approved configurations
- Restrict who can make configuration changes
- Automatically remediate or alert on baseline drift