OverviewSystem Hardening is the act of assessing a system or application and determining where it can be fortified to prevent attacks, and the damage that might occur from an attack. The ultimate goal of hardening any system is to reduce the attack vector of a particular application or system, while ideally not compromising any usability of the system.
Why Should You Harden Your Systems?The most important reason why systems and applications should be hardened is to reduce the area where an attack could be mounted against your infrastructure or applications. Default installations of software, operating systems or services are not always ideal from a security perspective, and hardening your systems will help secure those systems from unnecessary threats.
The additional benefit to hardening your systems is that provides an organization the opportunity to regularly audit and evaluate the systems, policies and rules that are currently used and remove those that are no longer necessary. It is not uncommon for clients to find firewall rules that are no longer necessary, or development enviornments that are no longer required during the hardening process.
How do they Work?System Hardening is a rather broad term that is used to describe the act of reducing an attack surface of a particular system, network or application, so each engagement will be different from the previous.
Some of the tasks we would perform during a hardening engagement is as follows.