// THREAT DETECTION AND DATA PRIVACY TERM
Hardening
Hardening refers to the process of making a computer system, application, or network more secure by reducing its vulnerabilities and potential entry points for attackers. This often involves disabling unnecessary features, applying security updates, and configuring settings to be more restrictive.
TECHNICAL DEFINITION
Hardening is the systematic process of enhancing the security posture of an IT system, application, or network device by reducing its attack surface and mitigating vulnerabilities through secure configuration, patch management, disabling non-essential services, and implementing robust security controls to resist unauthorized access and cyber threats.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- System hardening
- Security hardening
- Server hardening
- Application hardening
- Secure configuration
USAGE NOTE
Hardening is a continuous, essential practice in cybersecurity architecture to maintain a strong defense against evolving threats by minimizing exploitable weaknesses.
DEVELOPERS
Organizations developing technology related to Hardening.
Develops and promotes best practices for cybersecurity hardening, including the widely adopted CIS Benchmarks and CIS Controls, which provide prescriptive guidance for securely configuring systems and networks.
Provides operating systems (Windows Server, client OS) and cloud platforms (Azure) with built-in security features, security baselines, and tools (e.g., Microsoft Defender for Endpoint, Azure Security Center) that enable and guide the hardening of their environments.
Offers Red Hat Enterprise Linux (RHEL) and other open-source solutions with integrated security tools (e.g., OpenSCAP, SELinux) and extensive documentation to guide the secure configuration and hardening of Linux systems and enterprise infrastructure.
Develops vulnerability management solutions (e.g., Nessus, Tenable.io) that identify misconfigurations and security vulnerabilities across IT assets, which are critical steps in the system hardening process to reduce attack surfaces.
Provides a cloud-based platform for vulnerability management, compliance, and configuration auditing, helping organizations identify, prioritize, and remediate security weaknesses to harden their IT infrastructure and applications.
Offers cloud-native endpoint protection, identity protection, and cloud security platforms (Falcon platform) that include capabilities for enforcing security policies and configurations to harden endpoints and cloud workloads against sophisticated threats.
Delivers enterprise security platforms, including next-generation firewalls and cloud security solutions, which are used to enforce security policies, manage configurations, and harden network perimeters and cloud environments.
Develops virtualization and cloud infrastructure platforms (vSphere, NSX) along with security solutions (e.g., Carbon Black) that include features and guidance for securely configuring and hardening virtual environments and workloads.