Newsletter Anmeldung

Bleiben Sie mit dem Newsletter immer up to date.

Zur Anmeldung
Request
arrow-to-top
HomeConsultancyIT securityConfiguration check / hardening check
Niklaus Manser
Head of IT Security Consulting
request

Configuration check / hardening check and Cloud Security Posture Management (CSPM)

Niklaus Manser
Head of IT Security Consulting
request

Reduction of the attack surface during system configuration

Providers of standard products often invest heavily in the security of their IT infrastructure or software products. For such systems, carrying out a penetration test is not very efficient or effective. To ensure the security of standard products, it makes sense to build on the security recommendations of manufacturers and standards such as the Centre for Internet Security (CIS) benchmarks.

Examples of such standard products:

  • Cloud solutions (Software-as-a-Service, SaaS) such as Microsoft 365 or Google Workplace
  • Cloud solutions (Platform and Infrastructure-as-a-Service, PaaS and IaaS) such as Microsoft Azure, Google Cloud Platform (GCP) or Amazon Web Services (AWS)
  • Network components such as firewalls
  • Platform components such as backup systems or virtualisation solutions
  • Operating systems such as Microsoft Windows or Linux and their derivatives


Execution

A configuration check should answer the following questions, among others:

  • Are required services configured according to recommended best practices?
  • Is strong encryption used where possible?
  • Are system events appropriately recorded and monitored?
  • Do users and admins only have the necessary authorisations?
  • Are unnecessary services and functions deactivated?

We will be happy to support you in the contextualised implementation of these security recommendations and standards in your environment or provide you with a third-party opinion that you have thought of everything.


Cloud Security Posture Management (CSPM)

Unlike traditional configuration checks, CSPM takes a continuous, automated approach to monitoring and assessing security and compliance risks. Misconfigurations and discrepancies are checked in real time to provide a continuous overview of the security status of distributed and Internet-exposed resources and services. CSPM thus expands traditional hardening with cloud-specific mechanisms, scalability and context sensitivity.

We would be happy to help you find the right approach and efficiently manage the complex to-do lists from the CSPM system.


Your added value

The main aim is to identify the attack surface for internal attacks and to identify sensible improvements for your system environment.
These are in particular

  • Reduction of lateral movement possibilities
  • Avoidance of insecure technologies and protocols
  • Increased traceability of events

You will receive these and other recommendations in a consolidated final report.

Non-binding enquiry

© Swiss Infosec AG 2025