Every organisation’s IT systems are different. Regardless of how it looks, any mistakes when it comes to the installation or configuration of networks, servers, and other infrastructure can cause a ripple effect through your entire organisation.
We audit the security configuration of your key IT assets based on industry-standard benchmarks and ensure that each component of your IT infrastructure is working in harmony and as securely as possible.
Tailored to your It systems, needs and success criteria.
Using a combination of standardised and in-house developed techniques.
From high-level executive summaries to technical reports.
From our dedicated consultants and support team.
Taking a step back
Without regular reviews, any poorly configured component of your systems can be the weak link that allows an attacker to wreak havoc across your entire IT estate, causing outages and leaving you vulnerable to a security breach. Therefore, understanding how your new installation sits within your IT environment is vital.
By looking at the bigger picture when it comes to installing new operating systems, network devices, products or other components, our expert team will ensure that your infrastructure is as robust and running as efficiently as possible.
We offer configuration reviews for:
- Windows Server and Desktops
- Linux Servers
- Firewalls and Network Devices
- Database Servers
- Web Servers
Benefits of a Configuration Review
Implement best practices to take your security posture to the next level.
Review gold builds and standard configurations before implementing across your estate.
Review the security of your systems without the intrusion of an active penetration test.
Defence in depth
Identify weaknesses which present a risk in conjunction with another vulnerability.
How we work
We understand your IT systems and discuss your specific requirements before building a tailored proposal.
We analyse your applications and infrastructure using a range of advanced techniques.
Our comprehensive reports impart clear, practical advice on how to address any issues.
We offer ongoing support to guide you through the process of securing your systems.
What is a configuration review?
A configuration review will provide you with detailed insight into the security configuration of your off-the-shelf appliances and software products, ensuring all security features are enabled and correctly configured.
Why do my IT systems need a configuration review?
Many off-the-shelf appliances and software products are not securely configured out-of-the-box. An audit of the system’s configuration will provide recommendations on how to best utilise the product’s security features.
Which systems should I review?
You should conduct configuration reviews of any off-the-shelf appliances and software products such as:
- Windows servers
- Windows desktops
- Linux servers
- Network devices
- Database servers
- Web servers
We would recommend starting with any systems that contain sensitive information, for example servers or databases or systems that are externally facing such as firewalls. Additionally, any configuration that you plan to implement across multiple devices such as Windows desktop “Gold Builds” should also be reviewed by an independent third-party to validate that everything has been set up correctly and securely.
What are the types of issues that you will look for?
We will review the product’s configuration based on the manufacturer’s recommendation and industry best practices. These can range from the implementation of password policies, security updates, encryption configuration, access controls, auditing, logging configuration and other product-specific configuration options.
Application Penetration Testing
Cyber-attacks are more targeted, sophisticated and frequent than ever before, while the risks posed by internal users are often overlooked. Our penetration testing services model the techniques of criminal hackers and malicious insiders to identify any vulnerabilities in your online-facing or internal applications. Learn More
Network Infrastructure Testing
Our network testing simulates these real-world attacks to determine your strength and resilience against such threats. We identify specific vulnerabilities within your infrastructure and provide clear, practical advice on how you can safeguard your business as quickly and efficiently as possible. Learn more >