Hardening is the practice of reducing a system’s attack surface by turning on security controls and using safer defaults. It includes measures such as memory protections, service isolation, least-privilege permissions, disabling unneeded features, and tightening configuration so only required paths are reachable.
In cyber security, hardening matters because many attacks do not rely only on a software bug; they also depend on exposed services, unsafe settings, or weak containment. A well-hardened web server is harder to crash, hijack, or turn into a foothold for remote code execution. In real incidents, defenders use hardening to limit blast radius: isolate public-facing processes, separate privileged components, apply sandboxing, and keep recovery options ready. When a flaw is being actively exploited, strong hardening can buy time, reduce impact, and make exploitation less reliable even before a patch is applied.