Hardening
Hardening refers to increasing the security (confidentiality, integrity, availability) by reducing the attack surface of:
- π₯οΈ Workstations
- π°οΈ Servers
- π Network devices
- π Apps, tools and services
- ...
Tasks to do are defined in guides provided by organizations such as CIS or ANSSI, while organizations can have their own guides.
Where can we find guides? π
- Awesome-security-hardening (4.4k β)
- CIS Build Kits (GPOs or shell scripts) and Hardened Images...
- Tenable: CIS guides as checklists
Useful tools π οΈ
- OpenSCAP: automatic scan and application of a compliance guide