A detailed review of security configurations, based on manual review of configuration settings of assets.The Objective of the review include:
Identifying vulnerabilities on high network and security devices such as High risk user accounts and group configurations, user and group administration / configuration control processes, configuration weaknesses etc.
- Identifying Access control deficiencies such as excessive or inappropriate user and application/service privileges, etc.
- Identify and examine security control settings on network services associated with supporting perimeter protection
We commonly perform configuration audit for Routers, Switches, Firewall, Linux & Windows Servers. Based on the client request we will perform reviews of other specific devices also.
A secured configuration audit examines every aspect of your network for flaws that attackers may use to obtain access. Network/Security Devices, Databases, and the Operating System are all included.
During automated scans, we analyse and uncover many possible risks like injection, XSS, CSRF, authentication, session management vulnerabilities, and so on. Following the audit, we offer a safe/hazardous status check, which includes a full description of any unsafe findings as well as a risk rating. In addition, for each found vulnerability, we give a thorough repair approach.All evaluations are subjected to a series of technical and editorial quality assurance checks. The first report will include a safe/unsafe status check and a thorough description of any unsafe results. After that, the findings are reviewed with the administrator in order to have a better understanding of the client’s architecture or environment. A final secure configuration audit review report is produced that includes all technical findings, hazards, and mitigation recommendations.