🎁 New User? Get 20% off your first purchase with code NEWUSER20 Register Now →
Menu

Categories

Security Intermediate

What is Security Hardening?

The process of reducing a system's attack surface by disabling unnecessary services, applying patches, and configuring security controls.

Security hardening systematically reduces vulnerabilities in servers, applications, and networks. Steps include removing unused software and services, applying security patches promptly, configuring firewalls (deny by default), enabling SELinux/AppArmor, setting strong password policies, disabling root SSH login, using key-based authentication, implementing file integrity monitoring, securing boot processes, and following CIS Benchmarks. For web servers: disable directory listing, remove version headers, configure secure TLS ciphers, set security headers (CSP, HSTS, X-Frame-Options). Hardening should be automated through configuration management tools (Ansible, Chef) and validated regularly through vulnerability scanning.

Related Terms

SAST (Static Application Security Testing)
Automated analysis of source code to find security vulnerabilities without executing the application.
Security Audit
A systematic examination of an information system to assess compliance with security policies, identify vulnerabilities, and verify controls.
Security Headers
HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.
Rate Limiting
A technique that controls the number of requests a client can make to a server within a specified time period.
Hashing
A one-way function that converts input data into a fixed-size string of characters, used for data integrity and password storage.
Secret Management
The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.
 View All Security Terms →