System Hardening, and Why it’s Harder Than it Looks
August 2, 2019
The two key principles of system hardening are to remove unnecessary function and apply secure configuration settings. Unlike most security frameworks, the Center for Internet Security (CIS) provide prescriptive guidance for configuration settings and, in the CIS Benchmark guides, even provide the required remediation commands.
"System hardening is a process, not a one-off task, just as staying safe on the roads doesn’t mean driving a tank."