System Hardening

Limiting the weak spots

To increase the defenses of a system, additional security measures have to be implemented. This process of fortification is named system hardening. It consists of removing unnecessary parts, limit default access and tighten up the permissions of processes and users. While Unix based systems are fairly secure by default, the need of system hardening will always exist.

Hardening systems without the right tools, can take a lot of time. Besides investigating, the changes have to be planned, implemented and tested at several stages.

Auditing and Hardening

Our solution performs an in-depth audit, to determine the applicable hardening controls. Together with these controls the right suggestions are selected for your environment. A customized plan will be part of your system hardening efforts. To simplify the process of system hardening, hardening snippets are provided. Almost as simple as a copy-paste, you can harden the system of your workstations and servers.

Technical details

The hardening snippets used are depending on the related control. Usually there is a piece of shell script available to test for a specific control, or to implement the related control. Where possible and applicable, also snippets are provided for configuration management tools like cfengine, Chef and Puppet.

Take the next step

  • Already used Lynis? Choose the right plan and upgrade.