This is a collection of configuration files aimed at building hardened images of common Operating Systems.
Operating system images represent a snapshot of an operating system's state including all installed software, system settings, and other configurations. These images can be used to spin up virtual machines (VMs) to be deployed or used as deemed fit.
We believe that hardening such images is crucial to meet security standards and compliance requirements. These hardned images can, at the very least, assure:
- minimized attack surface by stripping away non-essential services, packages, and/or applications
- tightened configurations by setting strict policies and settings, especially for system security and user account privacy
- regulatory compliance by adhering to well established industry standards of security
We are leveraging cloud-init to tweak services, settings, packages, and other configurations of the operating system to create a usable hardened image.
cloud-init is, as per the official docs, the industry standard tool for configuring cloud instances during boot. Booting up the base OS image along with our cloud-init configuration files starts the process of hardening the OS. This will eventually lead to the hardened OS images available for use.
- Ubuntu Server 22.04.5 LTS (Jammy Jellyfish)
Take a look at the contribution docs to get started!
To be added...