Security hardening and secure configuration reviews
When we see an application running in our web browser, it is just the tip of the iceberg. There is lot of underlying infrastructure that is supporting the application, which typically includes a web server, database server, operating system, and so on. So, even if the end application is made very secure, it might be possible that the underlying infrastructure components have vulnerabilities, allowing attackers to compromise the system. This is where security hardening comes into picture.
In order to secure the complete application ecosystem, which includes the underlying infrastructure, it is essential to perform secure configuration reviews for all the participating components and harden the security accordingly. A simple way to achieve this could be going through configuration files for each component and then configuring items that are relevant to security. Another better approach could be using industry standard benchmarks for secure...