Build Assessment

The Security Build Review conducts a detailed analysis of the system's security configuration and implementation, identifying potential vulnerabilities and weaknesses. This evaluation benchmarks the system against recognised industry guidelines created by the Centre for Internet Security.

This assessment provides insight into the host's ability to withstand attack from unauthorised users and protect itself against valid users abusing their privileges and access. The main focus is to identify any vulnerability that could be used to compromise the host system or conduct ex-filtration of data.

Our service can be fully tailored to the needs of your business, with reporting delivered in your preferred format where possible

Overview

The following high-level areas are included within the assessment:

  • Open TCP and UDP ports
  • Service permissions on binaries
  • Software patch level (both OS and 3rd party)
  • Evaluation of roles, security policies and permissions
  • Cryptographic Storage Analysis
  • Security products in use and their protection

Assessment Steps

Threat Modelling

Evaluates the risks associated with the device under review which are specific to the position of the device in the network, its purpose and value to the organisation

Baseline Assessment

Baseline Assessment - Attempts will be made to circumvent host restrictions by utilising a custom boot disc. This may allow our consultants to extract data held on the system, obtain password hashes, and bypass certain restrictions imposed on a normal user.

Main Assessment

The system will be reviewed using administrator-level credentials to ensure that that host has been secured in line with a suitable policy for the environment it resides in. This will be performed using both automated and manual assessment techniques, noting any deviations from suggested configurations.

Reporting

The assessment is documented in a simple, easily digestible, format.