Secure Build and Configuration Review Services
In today's intricate digital ecosystems, the proper configuration of workstations and servers is paramount. Ensuring these devices adhere to recognized best practices and security benchmarks not only bolsters cybersecurity but can also be a significant line of defense against threats.
The ProCheckUp Advantage:
Harnessing the benchmarks laid out by esteemed entities such as the Center for Internet Security (CIS), ProCheckUp offers meticulous build review services. Particularly for organizations employing standard builds across various departments, ensuring these builds are secure is non-negotiable.
Our extensive experience spans diverse environments, from Unix and Windows servers to various database setups. Typically integrated into on-site infrastructure assessments, our reviews guarantee a comprehensive scrutiny of your configurations.
Our Comprehensive Review Methodology:
To promise uniformity and rigor in our reviews, we've distilled a proprietary methodology. At its core, this methodology guarantees that areas like firewall rule sets and configurations are rigorously evaluated.
Diving Deeper into Firewall Ruleset and Configuration:
Unlike our suite of penetration tests, our firewall reviews adopt a narrative-centric approach. With configurations and, when feasible, network diagrams supplied by clients, we conduct an exhaustive "step-through" evaluation. This scrutiny extends to the device's Access Control List(s) and associated configurations. Our reports flag any deviations from established best practices, including over-extended permissions, reliance on frail protocols, outdated firmware, or inadequate logging protocols.
A thorough combing of the firewall's Access Control Lists (ACL's) ensures only essential accesses, aligned with the organization's functional needs, are granted.
Beyond Firewalls – Network Device Reviews:
In complement to our firewall evaluations, ProCheckUp delves into the configurations of other network devices. From switches and routers to load balancer's, we leave no stone unturned.
ProCheckUp Engagement lifecycle
Procheckup utilises a standard engagement model for all engagements which is defined below: -
Offering - Activities that take place before the execution of a consultancy assignment:
- Pre-sales and identification of client needs;
- Creation of an agreement, typically covering: - Context of the work - Services and deliverables - Approach and work plan - Roles and responsibilities.
Execution - Delivery of the services agreed at the offering stage to satisfy the client:
- Refining the work plan;
- Implementing the agreed work plan;
- Assignment of staff, management and mentoring;
- Approval and acceptance.
Closure - Activities that take place at the end of a consultancy assignment:
- Final client evaluation and agreement that the service has been delivered;
- Conclusion of obligations;
- Finalising payment;
- Any subsequent improvements to the service.
Interested in fortifying your configurations? Contact us to embark on a cybersecurity journey defined by rigor and expertise.