Enterprise Linux systems form the foundation of critical business services across on-premises, hybrid, and cloud infrastructures. Maintaining a secure configuration posture over time remains a persistent challenge due to manual changes, emergency fixes, and inconsistent enforcement of security standards. Traditional security validation approaches rely on periodic audits and reactive assessments, which fail to detect configuration drift in a timely manner. This paper presents a continuous security validation approach for Linux systems using configuration-as-code principles. The proposed approach encodes security controls, compliance requirements, and system hardening rules as declarative configurations that are continuously evaluated against live system state. By integrating configuration-as-code with automated validation and remediation workflows, the approach enables near real-time detection of security deviations and consistent enforcement of approved baselines. A controlled experimental evaluation conducted on a representative Linux environment demonstrates improved security posture consistency, reduced configuration drift duration, and faster remediation compared to traditional audit-based validation methods. The results show that continuous security validation using configuration-as-code provides a scalable and auditable mechanism for maintaining secure Linux system configurations.
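The core mechanism described above, a declarative baseline evaluated against live system state, can be sketched as follows. This is an added example, not code from the paper: the rule ids, the `BASELINE` contents, the function names and the sample `sshd_config` and `sysctl` text are all constructed assumptions.

```python
# Added illustration: a declarative baseline checked against captured state.
# Rule ids, expected values and the sample inputs are constructed assumptions.
BASELINE = [  # (rule id, state source, key, expected value)
    ("ssh-no-root-login", "sshd", "permitrootlogin", "no"),
    ("ssh-no-passwords", "sshd", "passwordauthentication", "no"),
    ("net-no-ip-forward", "sysctl", "net.ipv4.ip_forward", "0"),
    ("kernel-aslr", "sysctl", "kernel.randomize_va_space", "2"),
]

def parse_sshd(text):
    """Global sshd_config keywords; sshd keeps the first value it reads."""
    state = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if parts[0].lower() == "match":
            break  # Match blocks are conditional overrides, not global state
        if len(parts) == 2:
            state.setdefault(parts[0].lower(), parts[1].strip().lower())
    return state

def parse_sysctl(text):
    """Lines in the 'key = value' form printed by sysctl."""
    state = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            state[key.strip()] = value.strip()
    return state

def evaluate(baseline, live):
    """One finding per rule that deviates; an unset key counts as drift."""
    findings = []
    for rule_id, source, key, expected in baseline:
        actual = live.get(source, {}).get(key)  # None: not set explicitly
        if actual != expected:
            findings.append({"rule": rule_id, "expected": expected, "actual": actual})
    return findings

SAMPLE_SSHD = ("# constructed sample\nPermitRootLogin no\nPasswordAuthentication yes\n"
               "PermitRootLogin yes\nMatch User backup\n    PasswordAuthentication no\n")
SAMPLE_SYSCTL = "net.ipv4.ip_forward = 1\n"  # constructed; ASLR key absent

def check_sample():
    live = {"sshd": parse_sshd(SAMPLE_SSHD), "sysctl": parse_sysctl(SAMPLE_SYSCTL)}
    return evaluate(BASELINE, live)

if __name__ == "__main__":
    for finding in check_sample():
        print(finding)
```

Running the evaluation on a schedule and recording when each finding first appears and when it clears gives the drift-duration figure the abstract refers to.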
Copyrights © 2023