At a customer I was working on hardening an environment. I case of your ESXi servers there are a lot of settings you can apply to make things more secure. But doing all this by hand and keeping track of all these settings will cost some time. The easy way to do this are host profiles, even for small clusters it will make it easier.
Start by logging into vCenter and look up one of the hosts in the hosts and clusters tab. Select the host, right click and open "extract host profile"
Give the Host profile a name and save it.
In vCenter you will find the host profiles under Policies and Profiles. Look up your host profile and edit the settings the way you want them.
After you're done, attach more hosts to the profile from the profile using actions -> Attach/Detach Hosts and Clusters. Once all the hosts are attached you can make them compliant. If you make any more changes to the profile, just make the host complaint using the host profile!