Security Hardening
Browse 27 security hardening tools
FEATURED
Automated device hardening and configuration management platform
Automated device hardening and configuration management platform
Secure kiosk for sanitizing USB & uploaded files using CDR technology
Secure kiosk for sanitizing USB & uploaded files using CDR technology
EAL4+ certified unidirectional data diode for secure one-way data transfer
EAL4+ certified unidirectional data diode for secure one-way data transfer
FPGA-based hardware filtering data diode for unidirectional data transfer
FPGA-based hardware filtering data diode for unidirectional data transfer
Unidirectional gateway with 25Gbps interfaces for secure one-way data transfer
Unidirectional gateway with 25Gbps interfaces for secure one-way data transfer
EAL 4+ certified unidirectional gateway for secure one-way data transfer
EAL 4+ certified unidirectional gateway for secure one-way data transfer
Automated security and compliance solution for SAP HANA databases
Unified cyber hygiene platform for hardening, PAM, asset mgmt & vuln assessment
Unified cyber hygiene platform for hardening, PAM, asset mgmt & vuln assessment
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
AMDH is a Python3 Android security tool that automates mobile device hardening through malware detection, privacy protection, CIS benchmark compliance, and application security analysis.
AMDH is a Python3 Android security tool that automates mobile device hardening through malware detection, privacy protection, CIS benchmark compliance, and application security analysis.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
Community project for developing common guidelines and best practices for secure configurations.
Community project for developing common guidelines and best practices for secure configurations.
A Node.js library for validating environment variables and providing immutable access to configuration values in applications.
A Node.js library for validating environment variables and providing immutable access to configuration values in applications.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A comprehensive guide providing step-by-step instructions for hardening GNU/Linux systems using industry standards like CIS, STIG, NIST, and PCI-DSS.
A comprehensive guide providing step-by-step instructions for hardening GNU/Linux systems using industry standards like CIS, STIG, NIST, and PCI-DSS.
LinuxKit is a toolkit for building custom minimal, immutable Linux distributions with secure defaults for running containerized applications like Docker and Kubernetes.
LinuxKit is a toolkit for building custom minimal, immutable Linux distributions with secure defaults for running containerized applications like Docker and Kubernetes.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.
A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.
A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.
A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.
A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.
A comprehensive repository providing guidance and remediation strategies for hardware and firmware security vulnerabilities including side-channel attacks, microcode issues, and UEFI hardening.
A comprehensive repository providing guidance and remediation strategies for hardware and firmware security vulnerabilities including side-channel attacks, microcode issues, and UEFI hardening.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
