SecureState interprets system configuration settings by first understanding the overall architecture of the organization and the role the device holds within the infrastructure. Armed with this information, SecureState can then analyze the device configuration against industry best practices and hardening techniques. SecureState strives to identify exposure and breach-response capabilities by looking at logging and alerting abilities, ingress and egress points, compensating controls, system roles, and defense best practices.
SecureState reviews device configurations for the following:
- Implementation of existing minimum security baseline.
- Does the system configuration adhere to industry standards and best practices?
- Use of protocols known to be insecure.
- Up to date releases and known vulnerabilities.
- Does the device configuration match its specified role?
- "Who, what, when, where, and why" regarding system access