Build and Configuration Review
Targeted primarily against workstations and servers, build review services assess a device’s configuration against industry best practice and security guidelines (such as the benchmarks outlined by the Center for Internet Security (CIS)). In environments where the same build is rolled out across the company, it is a good idea to ensure this standard build is reviewed.
ProCheckUp has a wealth of experience in reviewing all flavours of Unix, Windows and database servers. Reviews are commonly performed as part of an on-site infrastructure engagement.
To ensure consistency across build reviews, ProCheckUp has developed a methodology, which ensures the following areas are encompassed as a minimum baseline:
Firewall Ruleset and Configuration Review
In contrast to all other penetration testing assessments offered by ProCheckUp, firewall ruleset and configuration reviews are conducted through a narrative-led approach. The configuration of the firewall device, and where possible a network diagram, is provided by the client, and a ‘step through review’ of the device’s Access Control List(s) and configuration settings is performed. Anything that deviates from security best practices, such as overly permissive rules, use of weak protocols, out-of-date firmware versions and lack of appropriate logging, is highlighted in the report.
The ruleset review will involve a methodical step through the firewall access control lists (ACLs) to ensure that access has been restricted to the bare minimum required to meet the business needs of the organisation.
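Part of such a step-through can be scripted. The following is an added example (not ProCheckUp's tooling or methodology) that flags overly permissive rules, weak protocols and unlogged denies in a constructed ruleset. The simplified Cisco-style `access-list` syntax, the sample rules, the cleartext-service list and the finding labels are all assumptions.

```python
# Constructed sample ruleset; the simplified Cisco-style syntax is an assumption.
SAMPLE_ACL = """\
access-list 101 permit tcp 10.0.0.0 0.0.0.255 host 192.0.2.10 eq 443 log
access-list 101 permit ip any any
access-list 101 permit tcp any host 192.0.2.20 eq 23
access-list 101 permit tcp any host 192.0.2.30 eq ftp log
access-list 101 deny ip any any
"""
WEAK_SERVICES = {"21", "23", "69", "ftp", "telnet", "tftp"}  # cleartext protocols

def _take_addr(tokens):  # consume 'any', 'host A' or 'A WILDCARD'
    first = tokens.pop(0)
    if first == "any":
        return first
    return tokens.pop(0) if first == "host" else f"{first}/{tokens.pop(0)}"

def _take_port(tokens):  # consume an optional 'eq PORT' clause
    if len(tokens) >= 2 and tokens[0] == "eq":
        del tokens[0]
        return tokens.pop(0)
    return None

def parse_rule(line):
    """Parse one ACL line into a dict, or None if it is not a usable rule."""
    tokens = line.split()
    rest = tokens[4:] if tokens[:1] == ["access-list"] else []
    try:
        src = _take_addr(rest)
        _take_port(rest)  # source port is not needed for these checks
        dst = _take_addr(rest)
    except IndexError:  # too few fields, or not an access-list line
        return None
    return {"action": tokens[2], "proto": tokens[3], "src": src, "dst": dst,
            "dport": _take_port(rest), "log": "log" in rest}

def audit(acl_text):
    """Return (line_number, finding) pairs for rules that deviate from the baseline."""
    findings = []
    for number, line in enumerate(acl_text.splitlines(), 1):
        rule = parse_rule(line)
        if rule and rule["action"] == "permit":
            if rule["src"] == "any" and rule["dst"] == "any":
                findings.append((number, "overly-permissive"))
            if rule["dport"] in WEAK_SERVICES:
                findings.append((number, "weak-protocol"))
        elif rule and rule["action"] == "deny" and not rule["log"]:
            findings.append((number, "deny-not-logged"))
    return findings
```

Calling `audit(SAMPLE_ACL)` returns the line number and finding label for each rule a reviewer would then check against the stated business need.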
In addition to firewall ruleset reviews, ProCheckUp offers network device configuration reviews – including switch, router, load balancer and other common network device variants.