Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
I'm using rudder (https://www.rudder.io/), it's based on cfengine (https://cfengine.com/). But this is more enterprise ready, you'll be fine with lightweight ansible. Nice thing is, that rudder ensures compliance by periodically executing all defined rules on all endpoints.
https://github.com/Poli-Systems/quick During a time our script was public, it changed quite a lot since (like for ssh keys and DDOS protections) but I'll let you give a look at our really older version of it.
I use Ansible, like many others. One of the roles I use for hardening is this one: https://github.com/openstack/ansible-hardening