Security Auditing & Scanning.
Penetration Testing.
Vulnerability Scanning.
Malware Scanning.
Vulnerabilities removal.
Patching for Vulnerabilities.
Upgrading Applications.
Security Hardening.
Webapplication Firewall.
Intrusion Detection Systems.
Real time Monitoring.
Security Hardening for Layer 3, Layer 4 & Layer 7 Exploits & Attacks
Cross-site scripting.
SQL injection.
Path disclosure.
Denial-of-service attack.
Arbitrary code execution.
Memory corruption.
Cross-site request forgery.
Data breach (information disclosure).
Arbitrary file inclusion.
Local file inclusion.
Remote file inclusion.
Buffer overflow.
Other, including code injection (PHP/JavaScript), etc.
Update kernel to latest stable version and patch for vulnerabilities or exploits.
Disk Partitioning and enforcing Disk Quotas.
Configuring Package Managers and Repositories.
Disabling unused Protocols.
Eliminating unused services.
Minimizing Open Network Ports.
Securing Binaries.
Securing Key Files and Configuration Files.
Setting and Enforcing Password Policies.
Limiting Root/SuperUser privileges.
Warning Banners for enforcing security policies.
Implementing Firewall Protection.
Configuring TCPWrappers.
Enabling System Logging, Auditing and log rotation.
System Accounting using auditd.
Configuring Backups.
Implement Integrity checking.
Software
Disabling X window system.
Implementing Intrusion Detection Systems.
Implementing Linux Socket Monitor.
Configuring SeLinux for enhanced Security.
Implementing AntiVirus Protection.
TCP/IP stack hardening in Linux kernel using sysctl.
Webserver Hardening – Apache 2.X, Nginx 1.X, Lighttpd 1.X & Litespeed, PHP, CGI, DDoS & Outbound SPAM protection.
Mail Server Hardening – Postfix, Exim, QMail, Courier, Dovecot, Zimbra
Databas Server Hardening – MySQL, PostGreSQL, MariaDB.
SSH Server Hardening.
FTP Server Hardening – ProFTPd, Pure-FTPd, VSFTPD.
Control Panel Hardening – Hosting Control Panel, Webmail, Statistics.
Enable Encryption for critical services