L1 Essential | Automated verification

9.5 Secure Configuration Defaults

9. Operational Security: How do we run agents safely?

Description

Agent default configurations MUST be secure. Security features are enabled by default.

Rationale

Most users deploy with defaults. If defaults are insecure, most deployments are vulnerable.

Audit Procedure

1. Review default configuration
2. Check if security features are enabled by default
3. Verify dangerous features require opt-in
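
One way to automate the three audit steps above, as an added example that is not part of the original control text. Every configuration key name and the sample defaults are hypothetical and constructed for illustration; a missing key is treated as a failure because the effective default is then implicit.

```python
# Constructed policy: every key name below is hypothetical, not from any real agent.
# Security features must be explicitly enabled in the shipped defaults.
REQUIRED_ON = {
    "sandbox.enabled": True,
    "tools.require_approval": True,
    "audit_log.enabled": True,
}
# Dangerous features must be off unless the operator opts in.
OPT_IN_ONLY = {
    "tools.shell_exec": False,
    "network.allow_all_egress": False,
}

_MISSING = object()

def lookup(config, dotted_key):
    """Walk a nested dict by dotted path; return _MISSING if any part is absent."""
    node = config
    for part in dotted_key.split("."):
        if not isinstance(node, dict) or part not in node:
            return _MISSING
        node = node[part]
    return node

def audit_defaults(config):
    """Return a sorted list of (key, problem) findings; empty list means pass."""
    findings = []
    for key, expected in {**REQUIRED_ON, **OPT_IN_ONLY}.items():
        actual = lookup(config, key)
        kind = "security feature" if key in REQUIRED_ON else "dangerous feature"
        if actual is _MISSING:
            # An unset key means the effective default is implicit; fail closed.
            findings.append((key, f"{kind} has no explicit default"))
        elif actual is not expected:
            findings.append((key, f"{kind} defaults to {actual!r}, expected {expected!r}"))
    return sorted(findings)

# Constructed sample of shipped defaults with two deliberate problems.
SAMPLE_DEFAULTS = {
    "sandbox": {"enabled": True},
    "tools": {"require_approval": True, "shell_exec": True},
    "audit_log": {},
    "network": {"allow_all_egress": False},
}

if __name__ == "__main__":
    for key, problem in audit_defaults(SAMPLE_DEFAULTS):
        print(f"FAIL {key}: {problem}")
```

The comparison uses identity against `True`/`False`, so a string such as `"false"` in a defaults file is reported rather than silently passing as a truthy or falsy value.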

Remediation

1. Enable security features by default
2. Require opt-in for dangerous features
3. Document security implications

Framework Mappings

CIS Control 4.1 | NIST PR.IP-1