Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Server Hardening


Hardening Tools 101 [updated:2023]

System hardening refers to actions done to reduce the attack surface, by securing the configurations of the system’s components (servers, applications, etc.). As arrived from the manufacturer, system components are more function-oriented than security, which means that unnecessary functions are enabled. Each function is a potential attack vector, so securing the system’s configuration is critical for mitigating vulnerabilities and preventing breaches.


Expert Advice on why you should automate server hardening

We recently engaged in a conversation with our team of experts regarding their ongoing server hardening project. We inquired about the obstacles encountered during manual hardening procedures and asked if they’d be willing to explain the underlying reasons for issues that arise when automation is not employed. Their latest encounter with a client provided a valuable opportunity to further expound on strategies to mitigate these challenges.


5 Key Components of Cybersecurity Hardening

Cybersecurity hardening is a comprehensive approach to keeping your organization safe from intruders, and mitigating risk. By reducing your attack surface, vulnerability is reduced in tandem. Hardening (or system hardening) considers all flaws and entry points potentially targeted by attackers to compromise your system.

Network security LAN Manager Authentication Level

The LAN Manager (LM) is a group of early Microsoft client/server software products that enable users to connect personal computers on a single network. Its features include transparent file and printer sharing, user security features, and network administration tools. In Active Directory domains, the default authentication protocol is the Kerberos protocol. However, if Kerberos is not available for any reason, LM, NTLM, or NTLMv2 can be used as an alternative.

sysctl configuration hardening

Sysctl is a command-line utility in Unix-like operating systems that allows users to view and modify kernel parameters at runtime. These parameters, also known as “tunable” or “kernel” parameters, control various aspects of the operating system’s behavior, such as network settings, memory management, file system behavior, and more. Each of these operating systems has their own implementation of sysctl, with slightly different options and syntax.


CIS Baseline Hardening and Security Configuration Guide

The CIS Controls v8 has been revised and released by the Center for Internet Security (CIS). The CIS Controls are a collection of industry-recognized best practices for businesses dealing with data security risks. Such measures were created to make things easier and keep the IT operations and security teams attention on the crucial tasks. In v8, CIS changes a little the perspective around baseline security and system hardening.


What is Database Hardening and Why Is It Critical?

Hardening the various systems across your network helps you improve your cybersecurity posture level and block attacks. Hardening includes regular patching of known software vulnerabilities and turning off nonessential services on each system to reduce the number of processes that can be exploited. Hardening your database servers is a vital part of this information security strategy.


The Developer's Guide to Security Hardening

If developers one day considered security a mere ‘good-to-have,’ that day is firmly in the past. As digital transformation accelerates, employee workstations become liabilities for enterprise assets and data, placing cybersecurity in the spotlight. On average, organizations face 130 security breaches annually, and every data breach costs a company around $4.24 million. For better or worse, remote work culture and corrupted credential are the top reasons for security breaches.