Hardening Images on Cloud

Automating hardening on cloud platforms to use secure images and demo on AWS.

“Hardening” is one of those words that always appear in all kinds of meetings but nobody is clear about what it is. Loved by some, hated by others, it reminds me of that phrase about big data:

“Big data is like teenage sex: everyone talks about it, nobody really knows how to do it, everyone thinks everyone…”

Dan Ariely — Professor of Psychology & Behavioral Economics @ Duke University

But really, what’s hardening? Hardening is the process of strengthening a system to reduce the exposure surface and attack vectors using different tools and configurations.

The concept is simple but also generic. Hardening can be applied to any computer system: applications, operating systems, networks, databases, cloud platforms… But the issue we are dealing with today is the automation of hardening images in cloud systems such as AWS, Azure or GCP.

CIS Benchmarks

The entity with the greatest recognition in the area of strengthening operating systems is the CIS (Center of Internet Security), which has…