System or security hardening is basically a process to eliminate the risk of security vulnerabilities and cyber attacks to secure a computer system, application, server, etc. with the help of tools, technology , best practices and techniques. According to the National Institute of Standards and Technology(NIST) defines system hardening as reducing the attack surface of a system “by patching vulnerabilities and turning off nonessential services.” Therefore, in order to prevent any future loss due to cyber attack or 0-day or any system/application vulnerability or improper configuration of the services and so on, there is need to adopt some security hardening standards by an individual or an organization.
Hardening Standards are important because it keeps the risk at its lowest level and helps in maintaining the consistency of security of assets and their configuration. There are several industry standards that provide benchmarks for various applications, servers, operating systems, system backup, patching and updates, access control etc. One can follow NIST and CIS guidelines and configuration review for hardening standards.
Helpful Resources :