- Category: Configuration Audit
- Standards followed:CIS, NIST
- Services Brochure: Download
Configuration audit & System hardening
The purpose of the Configuration Review is to verify the operating condition and effectiveness of the security configuration and rulesets of the network devices, databases, operating systems and other security appliances. The review is performed considering factors like corporate policies, industry best practises and the requirement of the organization. This helps to identify and mitigate the risks, thus reducing the risk of a security incident. The running configuration files of devices like routers are analysed for any security drawback. Similarly logs are analysed to make sure no anamoly or malicious behavior have been observed within the network infrastructure.
WHY CONFIGURATION AUDIT
Reveal vulnerabilities at core level
Configuration audit helps reveal the vulnerabilities at the core level of the device. These vulnerabilities might not reflect in automated scans as it requires the understanding of requirement of the organization as well.
A secure configuration helps to prevent malicious activities by implementing a defense in depth approach. Even a compromised machine turns useless for an attacker if it is hardened.
Configuration audit sheds light on the defined access controls that might otherwise be missed by an organization.
Focus on post attack analysis
Checks are made to ensure that the devices have right logging mechanism that help in post attack scenarios to gather evidence.
At the end of activity client receives report with the detailed findings, risk rating, steps for their mitigations along with appropriate screenshots.
Got Questions? We are just an email away!