Hardening a system is synonymous with reducing its attack surface: remove unnecessary software packages, lock down default values to the tightest possible settings and configure the system to only run what you explicitly require. Why would you want to harden your infrastructure and systems to start with? Isn’t Linux secure enough already?
A fully secure system is made up of many layers, from the hardware to the operating system and the application servers running your mission-critical code. Because system hardening is so important to so many organisations, industry standards have been developed to gather the best practices from across the world and formulate a common approach. The Center for Internet Security (CIS) publishes hardening benchmarks for many common software applications and operating systems, including Ubuntu and Kubernetes.
In this webinar we will cover:
- Hardening from OS to the application layer
- Ubuntu Security Guide (USG) for automated remediation and auditing
- How to harden Kubernetes running on Ubuntu
- Charmed Kubernetes: the fully-automated multi-cloud distribution
- K8s Security: CIS, AppArmor, Vault integration, and OpenSCAP scanning
Underpinning any robust deployment is Ubuntu Pro’s 10-year security maintenance guarantee. Ubuntu Pro also provides the USG tool to automate hardening and auditing for profiles such as the CIS benchmarks, or DISA-STIG for missions deployed within US DoD networks.
With any questions, contact us here!