{"id":"catbeez-layered-security","text":"Catbeez deployments implement layered security: application binds localhost-only, Caddy terminates TLS and reverse-proxies, firewalld drop zone silently discards uninvited traffic, SSH is restricted to a source IP range, and SELinux enforces network connect policy.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"catbeez-layered-security","truth_value":"IN","reason":"premise"}]}}