WHAT IS A SERVER BUILD REVIEW?
A Server Build Review is a security assessment designed to test the devices your organisation use to provide business critical functionality and services on a day to day basis.
The assessment is designed to identify any weaknesses in the specific configuration of a device, or vulnerabilities which may be present and exploitable by unauthenticated or authenticated users.
WHY CONDUCT A SERVER BUILD REVIEW?
Servers can be setup to be public or private, providing key business functionality to your staff members and clients. Servers can also be the storage location of a wealth of sensitive information utilised by a number of people on a day to day basis.
This can make each server a prime target for any potential attacker who may gain access to the device through a multitude of potential attack vectors.
Ensuring the continuity of both your functionality and also the security of your data, both at rest and in transit, should be an important consideration for safeguarding your organisation.
During a Server Build Review the configuration and operating system are evaluated to determine if a secure setup has been established and to ensure there are no identifiable weaknesses.
The assessment is designed to pinpoint and rectify any holes within the build and covers patching levels, accessible services, weak credentials, service permissions, logging and auditing, firewall and antivirus configuration as well as registry settings.
As part of our approach, our Penetration Testers use a combination of the most effective automated tools and manual exploitation techniques to identify vulnerabilities across your devices. Our extensive reports provide a thorough assessment of each vulnerability and provide business context alongside each finding.
This is supplemented by technical and non-technical descriptions including evidence of exploitation to assist in prompt remediation activities and provide a thorough understanding of each issue.
A Build & Configuration Review report will allow your business to:
- Receive assurance around the secure configuration of your organisations Servers.
- Make ongoing improvements to a system via specialist support, advice and consultancy.
- Adhere to regulatory bodies who require Build Reviews to be performed.
- Gain access to a dedicated team of specialist CREST Registered penetration testers who use the latest tools and techniques to accurately assess and identify emerging threats