Endpoint Hardening Checklist

A defender’s guide for protecting systems & reducing attack surface

Security vendors love pushing new tools. It’s one of the reasons why the cybersecurity industry is valued at $166B, and expected to more than double by 2028. But ask unbiased experts and they’ll tell you — the best thing SMBs and the IT providers who serve them can do is forget chasing shiny new tools and invest time and resources into basic system hardening, instead.

And that’s exactly what this checklist will help you do. It’s our hope that, in addition to focusing your efforts, it can help serve as a basis for establishing secure baselines as well as tracking security improvements for management and stakeholders.

Why is endpoint hardening important?

Endpoint hardening is the practice of securing and protecting the endpoint devices within an organization's network. This is important because endpoint devices, such as laptops and smartphones, are often targeted by cybercriminals seeking to gain access to sensitive data or disrupt operations.

There are several benefits to endpoint hardening:

Improved security: By strengthening the security of endpoint devices, organizations can reduce the risk of data breaches and cyber attacks.
Enhanced compliance: Endpoint hardening can help organizations meet regulatory requirements and industry standards related to data security.
Greater efficiency: Endpoint hardening can improve the performance and reliability of endpoint devices, leading to increased productivity and reduced downtime.
Cost savings: By preventing data breaches and cyber attacks, endpoint hardening can help organizations avoid the costly consequences of security incidents.

In summary, endpoint hardening is an essential practice for any organization looking to protect their sensitive data and ensure the smooth operation of their business.

Inside you’ll find actionable recommendations for the following:

Windows OS hardening
Network hardening
Account protections
Application hardening
Browser hardening
Additional resources and more

Get your free checklist

Your Privacy

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
_vwo_ds	3 months	This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website.
_vwo_sn	30 minutes	This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website. It collect statistical data such as number of visit, average time spent on the website, what pages haves been read.
_vwo_uuid	10 years	This cookie generates a unique ID for every visitor and is used for the report segmentation feature in VWO. Also, this cookie allows you to view data in a more refined manner. If you have the campaign running on multiple domains, you will notice campaign-specific UUID values.
_vwo_uuid_v2	1 year	This cookie is set by Visual Website Optimiser and is used to measure the performance of different versions of web pages.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
ninja	1 month	No description
ninja_added	session	No description
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie is set by CloudFlare. The cookie is used to support Cloudflare Bot Management.
_vis_opt_test_cookie	session	This cookie is set by Visual Website Optimiser and is a session cookie generated to detect if the cookies are enabled on the browser of the user or not.
geoData		First-party cookie. Stores geoIP data in order to display appropriate phone numbers and content for your region.

Performance

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Cookie	Duration	Description
_biz_flagsA	1 year	This cookie is set by Bizible. A single cookie that stores multiple information, such as whether or not the user has submitted a form, performed a crossdomain migration, sent a viewthrough pixel, opted out from tracking, etc.
_biz_nA	1 year	This cookie is set by Bizible and is used to store a sequence number that Bizible includes for all requests, for internal diagnostics purpose.
_biz_pendingA	1 year	This cookie is set by Bizible. Temporarily stores analytics data that has not been successfully sent to Marketo Measure server yet.
_biz_sid	30 minutes	This cookie is set by Bizible. The cookie is used to store the session ID of the user.
_biz_uid	1 year	This cookie is set by Bizible and is used to store the user ID on the current domain.
_hjIncludedInSessionSample	2 minutes	This is a Hotjar cookie set to determine if a user is included in the data sampling defined by the site's daily session limit.
YSC	session	This cookie is set by YouTube and is used to track the views of embedded videos.

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmc	session	The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmz	6 months	This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site.
_BUID	1 year	This cookie is used to store a universal user ID to identify the same user across multiple clients' domains.
_dc_gtm_UA-100000610-1	1 minute	This is a Google Analytics cookie used to store the number of service requests.
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat	1 minute	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
_gat_UA-100000610-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gd_session	4 hours	This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded.
_gd_svisitor	2 years	This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program.
_gd_visitor	2 years	This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_uetsid	1 day	This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site.
_vis_opt_s	3 months 8 days	This cookie is set by Visual Website Optimiser and is used to detect if the user is new or returning to a particular campaign.
6suuid	2 years	This is a 6sense cookie. Registers user behaviour and navigation on the website, and any interaction with active campaigns. This is used for optimizing advertisement and for efficient retargeting.
DriftPlaybook	session	This is a Drift cookie.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
page	1 month	No description
pardot	past	The cookie is set when the visitor is logged in as a Pardot user.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
_an_uid	7 days	This is a 6sense cookie. Presents the user with relevant content and advertisement. The service is provided by third-party advertisement hubs, which facilitate real-time bidding for advertisers.
_rdt_uuid	3 months	This cookie is set by Reddit and is used for remarketing on reddit.com
_uetvid	1 year 24 days	This is a Bing Ads cookie to store and track visits across websites.
MUID	1 year 24 days	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
_hjAbsoluteSessionInProgress	30 minutes	This is a Hotjar cookie used to detect the first pageview session of a user.
_hjIncludedInPageviewSample	2 minutes	This is a Hotjar cookie set to determine if a user is included in the data sampling defined by your site's pageview limit.
_hjTLDTest	session	This is a Hotjar cookie. Hotjar tries to store the _hjTLDTest cookie for different URL substring alternatives until it fails. Enables Hotjar to try to determine the most generic cookie path to use, instead of page hostname. After this check, the cookie is removed.
ARRAffinity		This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App.
campaign	1 day	No description
content	1 day	No description
conversion_page	1 day	No description
landing_page	1 day	No description
sliguid	5 years	Salesloft cookie for use in live website tracking to help identify and qualify leads.
slireg	7 days	Salesloft cookie for use in live website tracking to help identify and qualify leads.
slirequested	5 years	Salesloft cookie for use in live website tracking to help identify and qualify leads.
source	1 day	No description

Func

Ana

Endpoint Hardening Checklist

Why is endpoint hardening important?

Inside you’ll find actionable recommendations for the following:

Get your free checklist

Products

Resources

Company

Compliance