Device Interrogation & Configuration Review

SecureState interprets system configuration settings then applies industry best practices and hardening techniques.

The Device Interrogation and Configuration Review is a comprehensive analysis of security controls placed on a system. This review is critical for understanding how overall hardening techniques, or Minimum Security Baselines (MSBs), are applied to a system. SecureState performs both automated and manual assessments of systems to identify potential security threats and misconfigurations.


Device Interrogation and Configuration Reviews focus on the fundamental protective mechanisms on the network. Understanding what systems have exposures and incorporating the mitigation efforts can help develop a predefined set of security baselines that can easily be applied throughout the entire organization. Ultimately, this provides confidence that each system is protected and existing exposures are known and understood by the organization.


SecureState has a depth of knowledge on industry best practices and can assist your organization in protecting the systems through the review process. We perform in-depth technical assessments on a regular basis and understand how hackers are attacking systems.

Approach and Methodology

SecureState interprets system configuration settings by first understanding the overall architecture of the organization and the role the device holds within the infrastructure. Armed with this information, SecureState can then analyze the device configuration against industry best practices and hardening techniques. SecureState strives to identify exposure and breach-response capabilities by looking at logging and alerting abilities, ingress and egress points, compensating controls, system roles, and defense best practices.

SecureState reviews device configurations for the following:

  • Implementation of existing minimum security baseline.
  • Does the system configuration adhere to industry standards and best practices?
  • Use of protocols known to be insecure.
  • Up to date releases and known vulnerabilities.
  • Does the device configuration match its specified role?
  • "Who, what, when, where, and why" regarding system access
Get Started!