Build and Configuration Review
Threat detection in enterprise systems
Targeting your systems and devices
Enterprises small and large use all manner of systems and devices including laptops, servers, mobile devices and tablets. Where the security requirements are exacting enterprises often rightly choose to build and refine a baseline of settings for that particular device and use case.
This service is used in order to gain assurance that the baseline for that device and use case are indeed suited to the requirements. For example, a client in the finance sector recently provided us with a build for testing purposes which is to be used internally by their staff. This was built specifically for its Data Leakage Prevention (DLP) capabilities. In this specific scenario the client sought technical assurance in the DLP characteristics.
Understanding the process
What are the typical stages?
The stages of a build and configuration review can vary based on the nature of the target. Though generally the areas below are covered:
- Physical attack
- BIOS and firmware
- Device management
- Device patching and monitoring
- Anti-Virus protection characteristics
- Users, groups and permissions
- File permissions
- Network services
- Privilege escalation vectors
- Logging and monitoring
Take ACTION TODAY
Protect Your Organisation with Penetration Testing
Get started with a comprehensive penetration test today and fortify your organisation against cyber threats.