A thorough evaluation process of a system’s security settings to ensure they adhere to best practices and organizational policies and security standards such as CIS, NIST. It aims to identify misconfigurations that may leave the system vulnerable, helping to strengthen the overall security posture of the infrastructure.