Configuration check or hardening check
Reduction of the system configuration attack surface
The focus is often on defence against attacks from the internet. Companies invest large sums of money to optimise the detection and prevention of attacks. The most successful attacks of the past have one thing in common: they are based on the neglect of defence within the organisational boundaries. As soon as the first systems are infected, attackers try to spread laterally. In order to prevent the lateral spread to surrounding systems, the risk-based configuration of the individual systems is of crucial importance.Operating systems often come with default configurations. For example, operating systems in the default configuration tend to be designed to be user-friendly and backwards compatible and thus also support obsolete and insecure technologies. According to the motto: "The main thing is that it runs", even weak configurations that have been known for a long time are allowed.
A configuration check will answer the following questions, among others:
Your added value
The main aim is to highlight the attack surface for internal attacks and consolidate explicit recommendations for your company.
These are in particular:
IT Security Consulting