Hardening

Security Operations 🛡️ • Vulnerabilities 🚨 • Sec+ Glossary 📖 • Security+ 02 • Difficulty: premium

What is Hardening?

Hardening is the process of reducing a system's exposure and improving its security by removing unnecessary functionality, tightening settings, limiting access, and applying secure configurations.

Examples

An administrator hardens a new server by disabling unused services, changing default credentials, applying patches, and restricting remote access.
A company hardens employee laptops by enforcing disk encryption, limiting local administrator rights, and removing unapproved software.

Discover 🔎

Most systems are not secure simply because they are newly installed. Out of the box, many products are designed to be easy to deploy, easy to test, and easy to use in many different environments. That often means they start with more features, more services, more access, or more flexibility than a specific organization actually needs.

Hardening is the process of tightening that starting point. Instead of accepting the default condition, the organization deliberately reduces what is exposed, what is enabled, and what can be misused. The goal is not to make the system unusable. The goal is to make it do its real job with fewer unnecessary risks attached.

Remember: Hardening is about reducing opportunity. A system becomes safer when it exposes less, trusts less, and runs only what it truly needs.

Summary 📝

Hardening is the process of tightening systems so they expose less risk and rely less on permissive defaults. It reduces attack surface by disabling unnecessary features, limiting access, applying safer settings, and aligning systems with secure baselines. Its importance comes from the fact that many compromises succeed not because the product is unusual, but because the environment was left too open, too broad, or too trusting.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.