Finding unpatched flaws and default configurations

Using strong passwords

Encrypting data

Installing antivirus software

Closed unnecessary ports

Missing security hardening

Properly configured cloud permissions

Regularly updated security patches

Reduced attack surface

Increased security

Improved system performance

Increased vulnerability to attacks

Using default settings

Disabling all security features

Implementing a repeatable hardening process

Ignoring configuration reviews

To make manual reviews unnecessary

To continuously evaluate the effectiveness of settings

To increase the complexity of the system

To ensure configurations are never updated