CIS Logo
tagline: Confidence in the Connected World

System Hardening, and Why it’s Harder Than it Looks

August 2, 2019

Infosecurity Magazine 

The two key principles of system hardening are to remove unnecessary function and apply secure configuration settings. Unlike most security frameworks, the Center for Internet Security (CIS) provide prescriptive guidance for configuration settings and, in the CIS Benchmark guides, even provide the required remediation commands.

"System hardening is a process, not a one-off task, just as staying safe on the roads doesn’t mean driving a tank."