Help Center/ Cloud Bastion Host/ User Guide (Kuala Lumpur Region)/ FAQs/ Product Consulting/ Which Security Hardening Measures Does CBH Provide?
Updated on 2024-06-12 GMT+08:00

Which Security Hardening Measures Does CBH Provide?

CBH has a complete security lifecycle management, covering security coding specifications during system development, security tests such as strict security vulnerability scanning and penetration testing, and security supervision by public security departments. It complies with laws and regulations such as the Cyber Security Law, meets compliance review requirements, and earns the classified information security level 3 certification.

System Data Security

  • Login security: Image encryption, SSH remote login security hardening, kernel parameter security hardening, strong passwords for system accounts, and lockout of login after three consecutive login failures
  • Data security: Encrypted sensitive information and independently and dynamically generated system root key
  • Application security: Protection from SQL injection attacks, CSV injection attacks, and XSS attacks, and API authentication mechanism

System Security

  • Automatic system installation and Linux Unified Key Setup (LUKS) disk encryption
  • Built-in firewall function to prevent common network attacks, such as brute force cracking
  • Unified HTML5 access APIs with only one system web access port opened to reduce the attack surface
  • SSH login hardening parameters to improve security of SSH login systems