A security audit is detailed cybersecurity- penetration testing service consisting of the control and analysis of IT systems, the purpose of which is to most accurately determine the security status of the indicated IT system and the organization's IT security policies.
AUDITS OF NETWORK DEVICES
Analysis for: Brocade, Cisco, Juniper Networks, Huawei, HP, and Extreme Networks.
General analysis of security rules and conﬁguration. Analysis of the software version in terms of known vulnerabilities.
Analysis of device access conﬁgurations, device management methods, protocols used, and access lists.
Analysis of event logging mechanisms, system event logging, and transferring events to external systems.
Review of users obtaining access to a device, access rights granulation, administrative proﬁles, and cooperation with external systems for authentication, authorization, and processing.
Analysis of the conﬁguration of security rules in terms of ACL rules and best practices.
Analysis of software update mechanisms and security functionality signatures.
AUDITS OF SYSTEM
AND APPLICATION CONFIGURATION
These audits are intended to verify whether the existing conﬁguration of software used on an organization's infrastructure components is secure.
The conﬁguration ﬁles of all the services used by a given component are subject to tests to gauge the level of protection they provide. We check if particular services are isolated from one another and from the operating system at the level of access permissions so that in case of a security breach, the risk of the whole system being intercepted is minimized.
Moreover, the tests cover all the other peripheral services operating on given machines in terms of security and their overall usefulness. The latter frequently proves negligible while having a negative impact on security.
We perform conﬁguration audits based on our signature expert approach, relying on best market practices, CIS Security Benchmark, DISA STIGs, and OSSTMM and PTES standards.
The audit includes the following components:
Interview with the person in charge of the infrastructure component being scrutinized
Analyzing the architecture of the solution where the audited component is used
Veriﬁcation and analysis of the conﬁguration of infrastructure components
The scope of the audit may cover such components as:
Network devices: switches, routers, ﬁrewalls, access points, printers / multifunction devices
Operating systems: server/desktop / mobile
Servers: database/application / DNS / mail
The audit aims to analyze in detail internal application mechanisms in terms of security and identify the vulnerabilities that may be tricky to detect without the source code.
Code analysis enables in-depth understanding and review of application sub-systems, such as authentication, access control, integration with a database, etc. This solution offers the highest precision.