Security hardening for production

Hardening is a general term for the measures that you take to strengthen system security against potential threats and risks in production. Harden your Open Liberty server configuration, application configuration, and network to reduce vulnerabilities and prevent security intrusions.

Different types of security intrusions can threaten different parts of your system. You can employ best practices to make each part less vulnerable. Security intrusions and vulnerabilities can be broken down into different groups:

Application configuration

Application configuration intrusions occur when external users run applications that derive or inherit privileges that they are not authorized to have. One example of this type of intrusion happens when an application inherits the identity of the server, giving the application unauthorized permissions. For more information, see Application configuration security hardening.

Liberty CIS benchmarks

The Center for Internet Security (CIS) benchmarks are a collection of industry-wide cybersecurity standards for configuring networked digital resources and ensuring that they comply with established best practices for security and privacy. Open Liberty maintains security hardening guidelines that comply with the CIS benchmark standards.

You can access the benchmarks on the CIS IBM WebSphere Benchmarks page. Complete the information form to download the benchmarks.

If you have a free CIS user account, you can open tickets to address any questions or concerns with the benchmarks in the Liberty benchmarks user portal.