We often install applications with factory settings but never bother hardening them properly. Default passwords, outdated versions, open ports, and insecure services introduce vulnerabilities to your environment. Begin with an inventory of applications, understand how to secure them, and then move forward with configuration changes to improve your security posture. Use vendor and industry best practices when securing your applications but remember to thoroughly test the solution and use change management lest we create unintentional denial of service attacks. Patch applications to the current versions and enable logging and alerting. Use the principal of least privilege when granting application access.