Secure Configuration Review

A Secure Configuration review is a detailed review and verification of configuration settings of IT infrastructure components including systems, network devices & applications to measure the security effectiveness of the IT environment. Typically, when deploying, maintaining or enhancing computing systems/network/network security devices, the expected secure configuration settings may not be implemented or maybe missed. Any poorly configured component of the IT environment then becomes a weak link that may allow adversaries to gain unauthorized access, leading to possible outages and security breaches. Therefore, periodically evaluating the secure configuration of the IT environment is vital to ensure ongoing security within the organization. A typical secure configuration review activity is conducted in a white-box mode where the assessment team have access to the in-scope IT infrastructure configuration files to identify misconfigurations.

Our team of security experts assist our customers by conducting a comprehensive secure configuration review of the various components within the IT environment while considering multiple global industry standard benchmarks along with corporate policies and regulatory requirements as applicable. Depending of the in-scope IT component, the configuration reviews are conducted using automated scripts/tools or manually using checklists. Such reviews require authenticated scans that require the scanning scripts/tools to remotely login to the target systems to conduct a comprehensive assessment of the current configuration settings.

Our Coverage

SecurEyes provides a comprehensive Secure Configuration review service for the IT environment of our customers and covers a wide range of 100+ types of IT components such as:

Operating Systems (Windows Server and Desktops, Unix-based Servers)
Network Devices (Routers, Switches, WLAN's, WAP's, etc)
Perimeter Security Devices (Firewalls, IPS, IDS, UTM, Gateway Antivirus, Secure Mail Gateway, VPN setup, Firewall Management systems etc)
Web servers (IIS, Web Sphere, Apache, Tomcat, etc)
Database Servers (Mongo DB, MS-SQL Server, MySQL, PostgreSQL, Sybase, Oracle, IBM DB2, etc)
Internal Systems (File servers, Share-point, Anti-virus Servers, DLP, Certificate servers, SIEM components, Log Servers, Print Servers, SMS gateways, VoIP servers, SAN, NAS, Middle-ware, PIM, Password management systems, Backup servers, CCTV and surveillance systems, Building Management systems, Virtualization servers, etc.)

The below list indicates sample coverage of the control Areas covered as part of the Configuration review:

Access Control Settings
User Account related Policies
Password Policy
System & Account Authentication Security settings
Network and Print Sharing Privileges
Network ports open on systems
Network services running on the system
File System Permission Settings
Logging settings and Auditing Policies
Networking and TCP/IP Settings
Security Patches and Critical Updates
System Authorization/Privileges
File Sharing
Temporary file/folder permissions

Our Methodology

The stepwise flow of our Secure Configuration review engagements is as follows:

Interviewing key IT Infrastructure Teams
Data Gathering (Current Configuration and Deployment Settings using authenticated scans or manual data gathering)
Data Analysis (Reviewing Configuration Settings)
Identification and rating of configuration weaknesses
Reporting

Our Benchmarks

Our comprehensive Secure Configuration review engagements are aligned to the following standards:

Minimum Baseline Security Standards of customer organization
CIS benchmarks
NIST standards
SecurEyes internally developed secure configuration review checklists

Why Choose us?

Conducted Secure Configuration review on 30000+ IT components globally for over 400+ customers
Comprehensive reviews with wide coverage including credential based scanning and non-credential-based scanning
Exhaustive reports with clear action items and achievable solutions
In-house developed Secure Configuration review scripts and manual checklists for COTS applications/systems
Team of experienced consultants certified against well-known global certifications
Worked with prestigious organizations across industry verticals to on Secure Configuration review assignments

You can get in touch with us at sales@secureyes.net to utilize our Cyber Security Testing services for your organization today.