SecureSys: Universal Hardening

and Compliance Toolkit

Group 12
Aditi Jamsandekar (K023)
Siddhi Jani (K024)
Chirayu Rathi (K047
Faculty Mentor : Prof. Sneha Deshmukh

1
 Abstract
This project automates the application of CIS security
benchmarks on various Linux distributions, ensuring
consistent compliance and reducing the risk of human
error. By generating detailed HTML compliance
reports and supporting multiple distributions, it
simplifies security management, providing scalable
and flexible solutions for enterprises.

2
 Introduction
This project automates the application and verification of
CIS security benchmarks on Linux distributions like Oracle
Linux, RHEL, and Rocky Linux, simplifying system security
and ensuring continuous compliance with industry
standards. By generating compliance reports, it helps
administrators quickly identify and fix security gaps,
reducing human error and improving the overall security
posture. 3
 Literature Survey
Paper Title Summary Relevance To Project
Proposes a framework for
Automation of Server Security Framework for automating
automating server security
Assessment security assessment of servers.
assessment.
Automation Tasks Model for Presents a model for
Model for automating network
Improving Hardening Levels automating the hardening of
hardening using Ansible.
on Campus Networks campus networks.
Accessible hardening
Metapod: Accessible techniques for Docker
Introduces "Metapod," a web
Hardening of Docker containers, integration with
application for enhancing
Containers for Enhanced Snyk vulnerability scanner,
Docker container security.
Security and support for CIS-Docker
benchmark.

4
 Literature Survey
Paper Title Summary Relevance To Project

Techniques include
AppArmor/SELinux for
Proposes techniques for
Enhancing Security of Docker container capabilities
enhancing Docker container
Using Linux Hardening restriction, network
security using Linux
Techniques namespaces for container
hardening.
isolation, and secure image
deployment.

Scheme includes image

Proposes a security vulnerability detection,
Security Hardening Solution hardening scheme for container integrity
for Docker Container improving Docker container measurement, system
security. whitelisting, and network
isolation.

5
System Requirements: Software

• Supported Operating Systems

• Python 3.x
• Bash Shell
• Root Access
• Web Browser
• Disk Space (Minimum 2gb)
• Network Access
6
System Requirements: Hardware

1.Processor (CPU):
2.Memory (RAM)
3.Disk Space
4.Network Interface
5.I/O Devices
7
Design Documents: Use Case Diagram

8
Design Documents: Activity Diagram

9
Implementation

10
 Future Prospects
Information security auditing is vital in today's digital
landscape to proactively identify vulnerabilities, assess risks,
and ensure compliance.
It strengthens security posture, protects assets, maintains
trust, and mitigates financial and reputational damages from
cyber threats

11
 Expected Outcomes
1. Automated Generation of System Reports: The system hardening
automation tool will be capable of generating detailed system reports
automatically.

2. Improved Compliance: The company achieves improved compliance with

industry-standard security benchmarks such as the CIS benchmarks

3. Enhanced Security: Vulnerabilities and potential attack vectors will be

minimized, reducing the risk of security breaches.

4. Cost Savings: Leads to cost savings by reducing the manual effort and
resources required for manual security configuration.
12
 References
1. V. CP and R. Agarwal, "Automation of Server Security Assessment" 2022 4th International
Conference on Circuits, Control, Communication and Computing (I4C), Bangalore, India, 2022

2. N. Yang, C. Chen, T. Yuan, Y. Wang, X. Gu and D. Yang, "Security hardening solution for docker
container" 2022 International Conference on Cyber-Enabled Distributed Computing and
Knowledge Discovery (CyberC), Suzhou, China, 2022

3. Ortiz-Garcés, A. Echeverría and R. O. Andrade, "Automation Tasks Model for Improving

Hardening Levels on Campus Networks" 2021 Fifth World Conference on Smart Trends in
Systems Security and Sustainability (WorldS4), London, United Kingdom, 2021

4. R. Sengupta, R. S. Sai Prashanth, Y. Pradhan "Metapod: Accessible Hardening of Docker

Containers for Enhanced Security" 2021 IEEE International Conference on Electronics,
Computing and Communication Technologies (CONECCT), Bangalore, India, 2021

5. Amith Raj MP, A. Kumar, S. J. Pai and A. Gopal, "Enhancing security of Docker using Linux
hardening techniques" 2016 2nd International Conference on Applied and Theoretical
Computing and Communication Technology (iCATccT), Bangalore, India, 2016
13
THANK YOU!

14