Build & Configuration Reviews
What is a Build & Configuration Review?
A Build & Configuration Review is a comprehensive assessment of individual devices. Using an authenticated approach to identify vulnerabilities, insecure configuration settings, access to sensitive content and other issues which could lead to data disclosure or device compromise.
Why Conduct A Build & Configuration Review?
With the exponential growth of identified vulnerabilities and security breaches, it is no longer recommended to only review a devices perimeter security. In the event of a compromise or security breach it is important to understand the risks that your organisation faces and the security of your company’s data.
A build review can review the entire configuration of a device to ensure that they are protected from a range of common vulnerabilities, adhere to a number of best practice recommendations.
Types of Build & Configuration Review
Build & Configuration reviews can be conducted against a number of devices. Several types of Reviews exist to focus on each of these areas in detail and although more focused tests exist, the high-level categories are summarised as follows:
These assessments often have a goal of privilege escalation on the device and an organisations network.
Servers can be intended for public or private access and can therefore be targeted by a range of potential attacks. Ensuring their secure configuration is integral for any organisation.
A mobile device compromise of theft can have the same impact as any standard workstation and ensuring a secure configuration for each device has been implemented is an important security consideration for any organisation.
The secure configuration of these devices is important part in ensuring both your network and devices are safeguarded.