Build Security Reviews are typically used to assess key devices on a network, such as domain controllers, critical servers, or a gold image used to deploy a standardised operating system installation to other devices.
These assessments are manual assessments that go much further than checking for security updates and strong passwords to review the security configuration of a device.
Build Review Methodology Summary
Group Policy Configuration
Where the device security configuration is centrally managed through a system such as Group Policy, this configuration will be reviewed. This will generally include enforcement of password and account lockout policies. As well as the centralised management of device passwords through services such as Microsoft Local Administrator Password Solution.
Local Security Configuration
Where a device’s configuration is not centrally managed, or the Group Policy configuration is overridden through local configuration, the location configuration will also be reviewed. Additionally, it will include reviewing any local users on the device to ensure they are secured, and that the principle of least privilege is applied. Furthermore, this may include device specific configuration review such as the use of disk encryption, trusted platform modules, and BIOS security settings.
Network Configuration
A device’s network configuration will be reviewed, including the services that the device is running as well as any network service specific configuration. Especially the use of weak or known ‘vulnerable’ services such as SMB version 1 and the utilisation of insecure protocols such as Link Local Multicast Name Resolution. Further, a review of network security protection, such as any host-based firewall that is in use will be included.
Software Configuration
The software installed on the device will be reviewed to ensure that it is up-to-date and that its presence does not bring in additional risk to the system, this will include remote access software such as TeamViewer and Remote Desktop services, but will also include software such as web browsers, and protection mechanisms such as anti-virus and endpoint protection.
In addition to Penetration Testing we also offer Cybersecurity Training and Cybersecurity Consultancy to offer a comprehensive suite of cybersecurity services.
Cybersecurity Training
Akimbo Core deliver cybersecurity workshops all around the UK, as well as remotely. Our workshops cover a range of topics from technical subjects such as how to get the most out of cybersecurity testing, to security awareness issues within businesses.
Cybersecurity Consultancy
From security architecture to security assessment, we offer a wide range of services to ensure the protection of your assets. We use a highly flexible methodology to ensure that our services are fully aligned to your needs, delivered by a bespoke team with the precise skills and depth of experience needed to understand your issues and then effectively deliver the desired outcome. With our security assurance services, you can have peace of mind knowing that your systems and data are well-protected.