Build & Configuration Security Review

  • Home
  • Build & Configuration Security Review

Build & Configuration Security Review

Your key applications and system environment are made up of many different components, including servers, network devices, and middleware, and are accessible by client devices such as desktops, laptops, and mobile devices.
Each of these elements and devices can introduce security vulnerabilities in your security posture if formatted inaccurately using only default or ‘out of the box’ setups, such as usernames and passwords, open ports, and useless facilities, leaving your company vulnerable to a malicious actor gaining a foothold in your system, accessing sensitive information, or interrupting businesses’ critical services.

Quickly analyze the security of the systems in great depth and evaluate how the system protects delicate and essential data, ideally using a secure-by-default’ strategy.

Because of the sampling technique, it is especially cost-effective if several systems are created in almost the same manner (using a gold image-standard build). This will reveal plenty of fast wins that will drastically enhance the business’s overall security across the board.

The following aspects of server and workstation computer systems, as well as the key programmes that operate on the servers (such as web, database, email, or application service), are covered in build reviews:

  • Password Policy
  • Audit Policy
  • Host Operating System Security Options
  • Secondary System Services
  • Registry Configuration and Permissions
  • Wired and Wireless Network Policies
  • Patch and Support Level Status of Installed Software
  • Software Restriction and Application Control Policies
  • Account Lockout Policy
  • User Rights and Least Privilege Assignment
  • Auditing
  • Primary Host Application – Database, Web Server or Application Server
  • File System Permissions
  • Host Firewall
  • Surface Area Reduction

Cyber Breach Guard also has vast expertise doing research into vulnerabilities threats on networks, thus our build evaluations encompass multiple control points depending on that data.

Administrator rights for both the application and the host server are required for the build review. It may be done both on-site and off-site.

The build evaluation report will include a quasi overview that describes the system’s overall security. This enables budget authorizations to swiftly assess the present risk posed by the systems.

The report will also provide a comprehensive description of each of the vulnerabilities discovered, as well as a risk assessment and ease of use rating.

If you are looking to learn more about Firewall Security Assessment, get a free consultation now!