Build reviews are designed to support other penetration testing activities and help you build security into your systems from the ground up. By reviewing and hardening systems, organisations can make it a lot harder for malicious threat actors to gain a foothold on internal and external networks. The following system types are included in our build review service catalogue:
- Workstations (Desktops, Laptops, Citrix)
- Active Directory
- Application Servers
- Database Servers
Our build reviews provide a fine grained, comprehensive assessment of a system’s build, which if acted upon, will go some way to securing your networks.
Networks comprising systems that have been security hardened are very difficult to compromise even if there is an obvious route into a system. Hardened systems provide security in depth, which makes it harder for the initial compromise and the subsequent elevation of privileges and the lateral movement through the network.
Build reviews are very in-depth and provide a thorough review of a system’s configuration against industry best practice.
The results from the review can be used to create a gold standard build for future builds.
Build reviews are performed from a wholly authenticated perspective using admin/root privileges and as a result, they are extremely comprehensive.