Secure Configuration Review

Image

A Secure Configuration review is a detailed review and verification of configuration settings of IT infrastructure components including systems, network devices & applications to measure the security effectiveness of the IT environment. Typically, when deploying, maintaining or enhancing computing systems/network/network security devices, the expected secure configuration settings may not be implemented or maybe missed. Any poorly configured component of the IT environment then becomes a weak link that may allow adversaries to gain unauthorized access, leading to possible outages and security breaches. Therefore, periodically evaluating the secure configuration of the IT environment is vital to ensure ongoing security within the organization. A typical secure configuration review activity is conducted in a white-box mode where the assessment team have access to the in-scope IT infrastructure configuration files to identify misconfigurations.

Our team of security experts assist our customers by conducting a comprehensive secure configuration review of the various components within the IT environment while considering multiple global industry standard benchmarks along with corporate policies and regulatory requirements as applicable. Depending of the in-scope IT component, the configuration reviews are conducted using automated scripts/tools or manually using checklists. Such reviews require authenticated scans that require the scanning scripts/tools to remotely login to the target systems to conduct a comprehensive assessment of the current configuration settings.

Our Coverage



SecurEyes provides a comprehensive Secure Configuration review service for the IT environment of our customers and covers a wide range of 100+ types of IT components such as:

  • Operating Systems (Windows Server and Desktops, Unix-based Servers)
  • Network Devices (Routers, Switches, WLAN's, WAP's, etc)
  • Perimeter Security Devices (Firewalls, IPS, IDS, UTM, Gateway Antivirus, Secure Mail Gateway, VPN setup, Firewall Management systems etc)
  • Web servers (IIS, Web Sphere, Apache, Tomcat, etc)
  • Database Servers (Mongo DB, MS-SQL Server, MySQL, PostgreSQL, Sybase, Oracle, IBM DB2, etc)
  • Internal Systems (File servers, Share-point, Anti-virus Servers, DLP, Certificate servers, SIEM components, Log Servers, Print Servers, SMS gateways, VoIP servers, SAN, NAS, Middle-ware, PIM, Password management systems, Backup servers, CCTV and surveillance systems, Building Management systems, Virtualization servers, etc.)

The below list indicates sample coverage of the control Areas covered as part of the Configuration review:

  • Access Control Settings
  • User Account related Policies
  • Password Policy
  • System & Account Authentication Security settings
  • Network and Print Sharing Privileges
  • Network ports open on systems
  • Network services running on the system
  • File System Permission Settings
  • Logging settings and Auditing Policies
  • Networking and TCP/IP Settings
  • Security Patches and Critical Updates
  • System Authorization/Privileges
  • File Sharing
  • Temporary file/folder permissions
Image
Image

Our Methodology



The stepwise flow of our Secure Configuration review engagements is as follows:

  • Interviewing key IT Infrastructure Teams
  • Data Gathering (Current Configuration and Deployment Settings using authenticated scans or manual data gathering)
  • Data Analysis (Reviewing Configuration Settings)
  • Identification and rating of configuration weaknesses
  • Reporting

Our Benchmarks



Our comprehensive Secure Configuration review engagements are aligned to the following standards:

  • Minimum Baseline Security Standards of customer organization
  • CIS benchmarks
  • NIST standards
  • SecurEyes internally developed secure configuration review checklists
Image
Image

Why Choose us?



  • Conducted Secure Configuration review on 30000+ IT components globally for over 400+ customers
  • Comprehensive reviews with wide coverage including credential based scanning and non-credential-based scanning
  • Exhaustive reports with clear action items and achievable solutions
  • In-house developed Secure Configuration review scripts and manual checklists for COTS applications/systems
  • Team of experienced consultants certified against well-known global certifications
  • Worked with prestigious organizations across industry verticals to on Secure Configuration review assignments

You can get in touch with us at sales@secureyes.net to utilize our Cyber Security Testing services for your organization today.