Security

The Workspaces platform is a powerful and flexible system that can be configured and used in many different scenarios. This guide covers many different topics related to security, to include hardening of Docker, Postgres, underlying systems and the Kasm Workspaces configuration. This guide will also answer common security related questions that organizations have.

Many organizations are required to implement secure baseline configuration, such as DISA STIGs or CIS Benchmarks. There are existing STIG checklists and CIS Benchmarks for the components and/or dependencies used by Kasm. Kasm follows general DISA guidance provided in the Application Security and Development Security STIGs for the Kasm Workspaces product and our configuration guidance.

• Architecture
  • Reverse Proxy
  • WAF Rules
• Data Loss Prevention
  • Group Settings
  • KasmVNC DLP Policy
  • Web URL Filter
  • Environmental Variables
    • Service Fail Secure
• Operating System
• Host Based Security Protection
• Docker
  • Docker Enterprise
  • Enterprise Logging and Audit Rules
  • Docker Swarm
• Postgres
• Redis
  • Installation
  • Post Installation
• Kasm Workspaces
  • Global Settings
  • Group Settings
  • Workspace Images
  • Authentication
• Reverse Proxy Security
  • X-Frame-Options Header
  • Content Security Policy
  • TLS Settings
  • SSL Certificates
  • Referrer Policy
  • Rate Limiting
  • CORS Headers