Security Hardening

Apply security best practices to infrastructure including OS hardening, firewall configuration, secret management, and compliance scanning.

Complexity: Complex | Duration: 30m+ | Category: Devops

Tags: infrastructure security hardening compliance

Steps

Step 1: OS hardening

Agent: security-specialist - Disable unnecessary services, apply patches

Step 2: Firewall configuration

Agent: security-specialist - Configure iptables/Security Groups (deny all, allow specific)

Step 3: SSH hardening

Agent: security-specialist - Disable root login, use key-based auth, change port

Step 4: Secret management

Agent: security-specialist - Use Vault, AWS Secrets Manager, or GCP Secret Manager

Step 5: TLS/SSL

Agent: security-specialist - Configure HTTPS with valid certificates

Step 6: Intrusion detection

Agent: security-specialist - Deploy OSSEC, fail2ban

Step 7: Vulnerability scanning

Agent: security-specialist - Run Nessus, OpenVAS, Trivy

Step 8: Compliance

Agent: security-specialist - Verify CIS benchmarks, SOC 2 compliance
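
The Step 3 settings (root login disabled, key-based auth, non-default port) can be checked after the workflow has run. The following is an added example, not part of the workflow itself: a Python audit over `sshd_config` text that applies sshd's first-value-wins rule and the OpenSSH defaults. The function names and both sample configs are constructed for illustration, and `Include` files and `Match` blocks are assumed to be out of scope.

```python
# Added example (not the workflow's own code); names and samples are illustrative.
# OpenSSH defaults that apply when a keyword is absent or commented out.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes", "pubkeyauthentication": "yes"}

# Constructed samples (not taken from any real host).
HARDENED_SAMPLE = """
Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
"""
TRICKY_SAMPLE = """
#PermitRootLogin no
PasswordAuthentication no
PasswordAuthentication yes
Port 2222
Port 22
"""

def effective_settings(config_text):
    """Global settings as sshd resolves them: first value per keyword wins,
    except Port, where every occurrence adds a listener."""
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.replace("=", " ", 1).split()  # "Port=2222" is valid syntax
        if len(fields) < 2:
            continue
        keyword, value = fields[0].lower(), fields[1]
        if keyword == "match":  # conditional section: not evaluated here
            break
        if keyword == "port":
            ports.append(value)
        else:
            settings.setdefault(keyword, value.lower())
    return {**DEFAULTS, **settings, "port": ports or ["22"]}

def audit_step3(config_text):
    """Return 'Keyword=value' findings; an empty list means Step 3 holds."""
    s = effective_settings(config_text)
    want = [("PermitRootLogin", "no"), ("PasswordAuthentication", "no"),
            ("PubkeyAuthentication", "yes")]
    findings = [f"{k}={s[k.lower()]}" for k, v in want if s[k.lower()] != v]
    if "22" in s["port"]:
        findings.append("Port=22")
    return findings
```

On a live host, `sshd -T` prints the effective configuration with `Include` files resolved, which makes it a more complete input for this check than the raw file.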

Usage

To execute this workflow:

/workflow devops/security-hardening.workflow

See other workflows in this category for related automation patterns.