Host Hardening
& Configuration Review

Security Simplified consultants systematically review the current state of your system configuration to align it with the industry security standards. The review enables a customer to gain an understanding of how their system would defend in case an attacker successfully manage to exploit the application or network layer vulnerability and penetrate to the operating system.

Security Simplified consultants perform assessment with an understanding of the target system, connected network and the environment. The gap analysis is performed by benchmarking current system state and industry security standards and recommendations. The report details security improvements required to achieve the robust system state.

The current system configuration is reviewed against the industry security standards listed below:

  • Center of Internet Security (CIS)
  • New Zealand Information Security Manual (NZISM)
  • Vendor-specific security recommendations (Microsoft, Linux, Azure, AWS, etc.)
Image
Image

Our Methodology

Target System and Network Understanding

OS Benchmarking

Customise Tools and Scripts

Custom Script Execution

Retrieve Current System Configuration

Review configuration

Identify Weak System Configurations

Identify Exploit Path and Chaining Vulnerabilities

Evidence Collection

Executive Summary

Document Finding, Risk and Recommendations

Ongoing Support to System Team

Sample List of Checks

  • OS Patch & Security Updates
  • System Account & Password Policy
  • Auditing & Logging
  • Security Options
  • Advanced Windows Security
  • User Groups &File Permissions
Image

Reporting

  • Executive summary for the management
  • Vulnerability dashboard for the project team
  • Technical report for the development team
  • Vulnerability description, root cause, impact and remediation steps
  • Reporting and risk rating matrix based on CIS standards

Want to work with us?

Do you need help finding information or want to know more about what Security Simplified services can do for you?

CONTACT US

Copyright @2022 Security Simplified Limited