Hardening is the process of limiting the attack surface of a system or device by tuning or disabling services to meet the best security stance. This is usually done by following recommended standards or industry best practices. Normally, we follow the Center for Internet Security (CIS) benchmarks. These are freely available, and there is one for almost every standard operating system and service out there. We can also utilize DISA's Security Technical Implementation Guide (STIG) if the customer requests it or is mandated to by the DoD.
We utilize configuration management utilities such as Puppet or Ansible to ensure every system meets the same security baseline. These templates can either be passed on to the customer for further implementation or we can continue to assist as needed.
In addition to system hardening, we also perform firewall auditing and remediation services. This normally entails the customer providing a copy of the firewall configuration files for review. They are reviewed against industry best practices along with any compliance initiatives that apply to the company, such as PCI-DSS.
At the end of the engagement, a detailed write-up along with recommendations is provided to the customer for action. We can also assist in the remediation efforts if requested.