Why a Build Review is Essential
System hardening aims to configure a system securely by eliminating unnecessary functionalities. Every superfluous application, service, driver, feature, and setting can introduce potential security vulnerabilities. Once a system is fortified and integrated into an environment, it's pivotal to ensure its security robustness by regular updates and patches. Both internal and cloud build reviews help benchmark system builds against recognized standards, including CIS, ISO, SANS, or NIST.
Servers often contain sensitive information, making them prime targets for attackers. The assessment process we adopt for server build reviews can also be applied to auditing other devices. For more detailed information on network device configuration reviews, please see our 'Firewall Rule and Configuration' section.
To assess your server's security, we require:
An account with local administrator privileges.
A management login channel, tailored to the specific systems under review.
Using host-based audit tools, custom scripts, and manual checks, we examine your systems through the top three layers of the defense in depth model: Host, Application Layer, and Data. By employing this comprehensive approach, we ensure every aspect of your build has been meticulously assessed and fortified.
- Defence in Depth: Host
Focused on the operating system and core services, this phase aims to detect vectors that might empower an attacker.
- Defence in Depth: Application
This layer delves into software or services central to the server's role, from web servers to database software or even broader applications like Active Directory.
- Defense in Depth: Data
The pinnacle of our review ensures that data stored remains protected and is suitable for the protection level the system offers.
Guidelines and Practices
While numerous hardening guidelines are available, we typically reference standards from NIST, CIS, software publishers like Microsoft, and CESG. Recognizing the unique needs of each organization, we also offer custom build reviews tailored to your specific business requirements.
Upon completion, you'll receive a detailed technical report, highlighting all identified issues, recommended solutions, and an executive summary. We prioritize immediate notification of severe vulnerabilities to ensure a collaborative relationship with our clients.