Configuration Review

Ensuring your devices and applications are security hardened makes them 'battle-ready' and resilient to cyber-attack

In addition to missing patches and security updates, a weak device or application configuration can significantly assist an attacker during an initial attack on your environment or when pivoting an attack from an already-compromised host.

Typical weak configuration settings can include weak or default credentials, insecure service permissions, unused management services being present, weak password & account lockout policies, ineffective event logging or a lack of application security hardening – all of which can prove valuable to an attacker.

A secure configuration review provides an in-depth inspection of your devices or applications to identify configuration weaknesses that may reduce their resilience to attack.

Security Hardening Experts

Our consultancy team are experts in their field and originate from a broad range of IT backgrounds, including systems administration, networking, cloud computing & virtualisation, storage, VoIP, database administration and SIEM solutions.

Combining our real-world experience & security research with industry-recognised security standards, results in us being equipped to provide our customers with expert security hardening advice on a wide range of systems and applications.

All of our secure configuration reviews are delivered with a comprehensive technical report, which can be understood by both technical and non-technical people in your organisation. We provide specific remediation advice to ensure that you are equipped to apply the necessary security hardening to your applications and devices.

Industry-Recognised Security Standards

All of our secure configuration reviews are conducted in line with recognised security hardening standards, such as those produced by the Center for Internet Security (CIS).

Depending on the customer environment and the device or application being reviewed, we also use hardening guidelines produced by the National Cyber Security Centre (NCSC), ISO 27001, PCI Security Standards Council and guidelines produced by application and device vendors.

Using industry-recognised hardening standards allows our consultants to deliver an accurate benchmark of your device or application and provides confidence and assurance to our customers.

Our secure configuration reviews include the following: