RISK MANAGEMENT

Device Interrogation & Configuration Review

Essentials

The Device Interrogation and Configuration Review is a comprehensive analysis of the current security controls placed on the given system. It is critical to understand how the overall hardening techniques (also referred to as Minimum Security Baselines) have been applied to a given system and the underlying risks that may be associated. SecureState’s team performs both automated and manual assessments of the given system to identify potential security threats or misconfigurations with each analyzed system.

Benefits

Device Interrogation and Configuration Review focuses on the fundamental protective mechanisms on the network. Understanding what systems have exposures and incorporating the mitigation efforts can help develop a pre-defined set of security baselines that can easily be applied throughout the entire organization. Ultimately, this provides a solid level of assurance on the protection of each system and what exposures exist to the organization.

Expertise

SecureState’s team has a depth of knowledge on industry best practices and can assist your organization in protecting the systems through a review process. We perform in-depth technical assessments on a regular basis and understand how hackers are attacking systems.

Get Scoping Questions Now!

Fill in your details and you can download a FREE questionnaire to ask your vendors.

Your Name

Your Phone

Your Email

Your Company

We will not share or distribute your email to anyone. It will be used solely to contact you about the service you have inquired about.

Did You Know?

Device Interrogation and Configuration Review should be performed on every vendor configured, controlled or a supported system that is connected to your network.
Device Interrogation and Configuration Review should be performed annually against base images used to build other systems and key production systems
Device Interrogation and Configuration Review is embedded into the Minimum Security Baseline Process.
Vendor controlled and installed systems on corporate networks are frequently compromised during penetration tests. Device Interrogation and Configuration Reviews benchmark these devices against your Minimum Security Baselines (MSBs) and is a great way to ensure these third party devices meet your security standards.

Our Approach and Methodology

SecureState looks at industry best practices and hardening techniques, and interprets the configuration settings by understanding the overall architecture of the organization. By looking at logging and alerting capabilities, ingress and egress points, additional security methods, and best practices, SecureState can identify exposures and response capabilities in some of the first lines of defense for a network.

SecureState will review the device configurations for the following items:

Review configuration files for the identification and protection of all network segments
Review the processes and mechanisms for a security model that denies access by default, such that explicit access permissions must be specified
Review the documentation of those entries and to the configuration of those ports and services for access request and authorization listings
Identify the implementations of appropriate use policies
Review the implementation of processes for monitoring and logging access at access points to the network
Review the security monitoring process and its ability to detect and alert for attempts or actual unauthorized access
Identify best practices implementation and lack of hardening techniques
Reviewing appropriate documentation (Minimum Security Baselines and access control policies)
Conducting conversations with the appropriate client personnel
Evaluating the systems against Nationally recognized security hardening, placement, and integration guidelines

What Makes Us Different

A Device Interrogation and Configuration Review is performed by a team of consultants from our risk management and penetration testing team
SecureState doesn’t just use a check list to perform these reviews. Instead we look at the business needs of the system and client configuration documentation when performing the review
SecureState’s consultants have experience working with a wide range of operating systems, network devices and applications

Related Services

Downloads

We Can Help You

Generate New Image

Enter the code from above.