SAF Framework

Harden

Have you ever wished you could automate your way out of a thankless security configuration task, but didn't have the time to invest to do it right? MITRE SAF's hardening pillar helps you apply security configurations and controls to your systems using automated hardening content, paired with the same configuration management tools and processes your team is likely already familiar with. Transform compliance requirements into actionable remediation with Infrastructure as Code.

Browse Hardening ContentView Framework

Use Cases

Don't Re-invent the Wheel

The Harden pillar supports both proactive system hardening and automated remediation workflows. Apply security baselines before deployment to get secure systems straight off the assembly line, or use automated remediation to fix non-compliant systems discovered during validation. Whether you're building your gold images or remediating production systems, Harden provides Infrastructure as Code implementations of security requirements, without your team having to spend cycles addressing problems that have already been solved in the open-source security community.

Baseline Hardening

Apply security configurations before systems go into production. Use Ansible playbooks, Chef recipes, or Puppet manifests to implement STIGs and CIS Benchmarks as code. Build systems that are secure by default, reducing the attack surface before deployment.

Automated Remediation

Fix security findings discovered during validation scans. Convert compliance requirements into automated remediation workflows that bring systems into compliance. Reduce manual configuration effort and ensure consistent security posture across your infrastructure.

Tailored Content

Avoid brittle hardening scripts. MITRE SAF Hardening content is easy to tailor to the particular needs of your organization, ensuring that your systems meet your security requirements. Add, remove, or adjust how hardening is done.

Tools

Harden with SAF Content

Use our hardening content library and tailor it to reflect your organization's secuity requirements.

Hardening Content Library

Browse ready-to-use Ansible playbooks, Chef recipes, and other Infrastructure as Code implementations of security baselines. Apply proven hardening configurations to common platforms and applications.

SAF CLI

Convert security guidance documents like XCCDF benchmarks into Ansible playbooks and other automation formats. Generate hardening content from security requirements using SAF CLI conversion tools.

AnsibleChefTerraformPuppetPowerShellSalt