Cyber security services company
UNDER ATTACK

SECURE CONFIGURATION REVIEW

An asset following secure hardening guideliness leads to significant decrease in attack surface due to proactive security approach. Let our secure configuration hardening reviews help you set a secure baseline. 

Get In Touch

No salesy newsletters. View our privacy policy.

What is a secure configuration review?

A secure configuration hardening review involves reviewing the underlying Operating System and related components such as firmware, removable media interfaces in line with good security practices. At times, customers request such reviews in comparison with CIS, NIST or internal guidelines. This is a white box pen test exercise performed with full knowledge of the system architecture.

A server with lack of hardening or misconfiguration issues could provide an easy route to a complete network compromise or unauthorised access to sensitive data.

A weakly configured build may not only add vulnerabilities to the network, but a root kit or a backdoor configured into the machine may go undetected for months. This review helps in identifying weaknesses in configuration that may allow unauthorised access to the underlying operating system.

 

secure configuration review

Why do you need security hardening ?

secure hardening checklist

A proactive security strategy defines controls in layered fashion. It is always better to embed security mindset early in the asset lifecycle. There is no cheaper, effective and better ROI than secure hardening reviews. Regular security hardening assessments ensure weak security settings, hardening issues and data protection weaknesses are identified early. 

Before any new builds are rolled into the production environment, it is important to release secure builds to keep the attack surface to a minimum. Having a secure configuration review based benchmarking process in place ensures that vulnerabilities are reduced to minimum at the start of the asset lifecycle. Should your requirements mean looking around entire estate, read more about our full range of penetration testing services

Benefits of Secure Configuration Reviews

  • Protect your assets early in the asset lifecycle
  • Follow a proactive approach to cyber security
  • Demonstrate security by design mindset to your business and supply chain
  • Service quality underpins everything we do
  • One time reviews improve your internal build methodology
  • PCI DSS, ISO 27001, GDPR Compliance support

Security experts to understand your concerns

15min Meeting

Secure Configuration Review Methodology

A secure review involves assessing a operating systems, databases, devices or network equipment. It involves configuration and analysis phase followed by reporting as per the agreed format. 

Our build and configuration reviews are aligned with the following secure hardening standards:

  • Baseline standards as per the customer organisation
  • CIS benchmarks with hardening standards published for most vendors
  • NIST standards
  • Or commenced as part of ISO 27001 , PCI DSS projects.

Generally, the following areas are considered at high-level and more test cases are added based on the exact asset and functionality.

Secure hardening vulnerabilities across networking, security, telecommunications & other internal equipment, OS and endpoint vulnerabilities.
Effective patch management plays critical role in closing window of opportunity for attackers, thats between the vulnerability disclosure and patch release.
Group Policy allows administrators to define security policies for users and the servers within the network. These policies are administered from a central location exclusively to the Windows operating system. The policy settings generally, among other things, enforces password settings, external media access, network level access, patching schedule and application restrictions. A well configured group policy would ensure a safer network for an organisation and minimise the attack window for a threat actor to gain unauthorised access.

Logging and monitoring controls are reviewed to identify flaws in event collection, analysis and threat identification.

Full disk encryption is a cryptographic method that applies encryption to the entire hard drive including data, files, the operating system and software programs. In an adverse case, if a device / server is stolen or an unauthorised physical access is achieved, this could be disastrous for a company. A threat actor would gain access to sensitive information such as personably identifiable information (PII) or proprietary information stored on this device due to lack of disk encryption.
Your servers BIOS or UEFI Firmware offers the ability to set lower-level passwords. These passwords would restrict people from booting the server, booting from removable devices, and changing BIOS or UEFI settings without an administrators permission.

The nature of cybersecurity threats is one of constant evolution; growing in sophistication and changing in order to exploit new vulnerabilities and evade detection. This is why you need to perform regular security assessments to protect your network, cloud configurations, security systems and devices.

Based on our methodology and scope of the job, We perform two types of password reviews which include password policy reviews and a password cracking exercise followed by statistical analysis to find out the complexity & character patterns in use.
A vast majority of cyber attacks take advantage of known software and hardware vulnerabilities. Unpatched software including Operating System (OS) and third-party applications, can attract malicious code to the vulnerable servers. Software patching can act as a defensive armor that repels malicious attacks and protects your organisation against multiple exploits.

Operating System Build Reviews

For windows and linux server build reviews, we look at the several areas of Operating systems including functionality (workstation, server, laptops) and architecture aspect of the host in review:

  • Operating System security 
  • Account Lockout Policy
  • Privilege Management
  • Audit Policy
  • User password policy
  • Patch Management 
  • Logging and Monitoring
  • Secondary services and configurations
  • Insecure Service / File System Permissions
  • Network security policies
  • Network and Host firewall restrictions 
  • Software Restriction and Application Control Policies

Get a secure configuration hardening review quote today

Call Us Now

Our engagement approach to secure configuration hardening reviews

Step 1
Step 1

Scoping and Customer Insight

When you decide to give us the go-ahead, our very first step is to gain insight into your motivation, so that we can advise on your real concerns. The comprehensive process we go through to understand this determines the vision for the project. At the technical level, this includes assets to be included, their fragility and importance to the environment. 

Step 2
Step 2

Data Collection

In this phase, we profile the target, i.e. a network, a server, or a device and perform data collection around services, operating system, configuration and related data. This is fundamental step before moving to next stage of configuration review.

Step 3
Step 3

Configuration Analysis

Our security team identifies vulnerabilities analysing the collected data in line with agreed baselines. This phase also involves tailored approach taking into account customer business context and secure architecture principles. 

Step 3
Step 3

Reporting

The assessment-execution phase is followed by the analysis & reporting. Cyphere performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, CVE, CVSS references including mitigation measures at strategic and tactical levels.

Step 4
Step 4

Communication & Debrief

We take customer communication as seriously as reporting or assessment execution. We engage with customers during all stages, and ensure that customer contacts are up to date in the language they understand. Post engagement, a free debrief is conducted to help the customers understand the weaknesses and prepare a mitigation plan.

Recent Blog Entries

Data Subject Access Request: Article 15 GDPR – The Right of Access

What is an attack vector? Assess your attack surface and how to avoid cyber attacks.

Social Engineering: The Art of Human Hacking

Cyber security statistics, trends and breaches survey 2021

Top network security threats

What is cyber security architecture? Elements, purpose and benefits

How often should you perform vulnerability scanning? Best practices shared

What is the Principle of Least Privilege?

Everything you need to know about vulnerability scanning

Why is cyber security important?

CONTACT

Cyphere Ltd
F1, Kennedy House,
31 Stamford St,
Altrincham WA14 1ES
Greater Manchester

Twitter
Linkedin-in
Facebook

EMAIL/CALL

0333 050 9002

Securing your cyber sphere

PEN TESTING

SECURITY SERVICES

SOLUTIONS

COMPANY

© 2020 CYPHERE all rights reserved.

Cookies policy

Privacy policy

Terms and conditions

BOOK A CALL