Defense & Operations
System Hardening
Also known as: OS hardening, Server hardening
Definition
Reducing the attack surface of a system by removing unnecessary features, tightening configurations, and enforcing secure defaults.
Examples
- Hardening a Linux server by disabling root SSH, applying SELinux, and removing compilers in production.
- Hardening Kubernetes by enforcing pod security standards and disabling the anonymous API endpoint.
Related terms
Security Baseline
A documented, minimum-acceptable security configuration that all systems of a given type must meet before being placed into production.
Configuration Management
The discipline of establishing, recording, and enforcing the desired state of systems and applications so configurations remain known, consistent, and secure.
Security Controls
Safeguards or countermeasures — technical, administrative, or physical — used to prevent, detect, or respond to threats against information assets.
CIS Controls
A prioritized set of best-practice cybersecurity safeguards maintained by the Center for Internet Security to defend against the most common cyberattacks.
Security Posture
Patch Management
The end-to-end process of identifying, testing, deploying, and verifying software updates that fix vulnerabilities or bugs.