Configuration Reviews

Every organisation’s IT systems are different. Regardless of how it looks, any mistakes when it comes to the installation or configuration of networks, servers, and other infrastructure can cause a ripple effect through your entire organisation.

We audit the security configuration of your key IT assets based on industry-standard benchmarks and ensure that each component of your IT infrastructure is working in harmony and as securely as possible.

Bespoke Service

Tailored to your It systems, needs and success criteria.

In-depth Assessments

Using a combination of standardised and in-house developed techniques.

Personalised Reporting

From high-level executive summaries to technical reports.

Ongoing Support

From our dedicated consultants and support team.

Taking a step back

Without regular reviews, any poorly configured component of your systems can be the weak link that allows an attacker to wreak havoc across your entire IT estate, causing outages and leaving you vulnerable to a security breach. Therefore, understanding how your new installation sits within your IT environment is vital.

By looking at the bigger picture when it comes to installing new operating systems, network devices, products or other components, our expert team will ensure that your infrastructure is as robust and running as efficiently as possible.

We offer configuration reviews for:

Windows Server and Desktops
Linux Servers
Firewalls and Network Devices
Database Servers
Web Servers

Benefits of a Configuration Review

Reduce risk

Implement best practices to take your security posture to the next level.

Save Money

Review gold builds and standard configurations before implementing across your estate.

Non-intrusive

Review the security of your systems without the intrusion of an active penetration test.

Defence in depth

Identify weaknesses which present a risk in conjunction with another vulnerability.

How we work

Consultation

We understand your IT systems and discuss your specific requirements before building a tailored proposal.

Review

We analyse your applications and infrastructure using a range of advanced techniques.

Reporting

Our comprehensive reports impart clear, practical advice on how to address any issues.

Support

We offer ongoing support to guide you through the process of securing your systems.

FAQs

What is a configuration review?

A configuration review will provide you with detailed insight into the security configuration of your off-the-shelf appliances and software products, ensuring all security features are enabled and correctly configured.

Why do my IT systems need a configuration review?

Many off-the-shelf appliances and software products are not securely configured out-of-the-box. An audit of the system’s configuration will provide recommendations on how to best utilise the product’s security features.

Which systems should I review?

You should conduct configuration reviews of any off-the-shelf appliances and software products such as:

Windows servers
Windows desktops
Linux servers
Firewalls
Network devices
Database servers
Web servers

We would recommend starting with any systems that contain sensitive information, for example servers or databases or systems that are externally facing such as firewalls. Additionally, any configuration that you plan to implement across multiple devices such as Windows desktop “Gold Builds” should also be reviewed by an independent third-party to validate that everything has been set up correctly and securely.

What are the types of issues that you will look for?

We will review the product’s configuration based on the manufacturer’s recommendation and industry best practices. These can range from the implementation of password policies, security updates, encryption configuration, access controls, auditing, logging configuration and other product-specific configuration options.

Other services

Application Penetration Testing

Cyber-attacks are more targeted, sophisticated and frequent than ever before, while the risks posed by internal users are often overlooked. Our penetration testing services model the techniques of criminal hackers and malicious insiders to identify any vulnerabilities in your online-facing or internal applications. Learn More

Network Infrastructure Testing

Our network testing simulates these real-world attacks to determine your strength and resilience against such threats. We identify specific vulnerabilities within your infrastructure and provide clear, practical advice on how you can safeguard your business as quickly and efficiently as possible. Learn more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.