Cybersecurity
Security Hardening
Definition
Security hardening is the process of securing a system by reducing its surface of vulnerability. It involves configuring a system to be as secure as possible by removing unnecessary software, changing default passwords, disabling unused services, and applying secure configurations.
Why It Matters
Default installations of operating systems and applications are often not secure. Hardening is a critical process to reduce the attack surface and make a system more resilient to attack.
Contextual Example
When provisioning a new web server, a system administrator follows a hardening checklist. This includes steps like disabling all network ports except for 80 and 443, removing default user accounts, and applying the latest security patches.
Common Misunderstandings
- Hardening is a proactive security measure, done to prevent attacks.
- Organizations like the Center for Internet Security (CIS) provide benchmark documents with detailed hardening guidelines for various systems.