What we test

The most common issues identified by our configuration review services are:

  1. Missing Security Updates: in addition to flaws in the network (HTTP, FTP etc.) we look for threats in local-only software (Java, Silverlight, Adobe etc.) which increase options for attackers using Phishing techniques.
  2. Weak Passwords: offline brute-force analysis of password hashes provides a true depiction of password strength.
  3. Local Privilege Escalation: we will uncover routes that a low privileged user could use to gain full control over the target.

A configuration review is recommended when you are:

  • Developing a new ‘gold’ build for workstations or servers: always consult security experts before rolling out your new build, to detect flaws before they can be exploited
  • Reviewing your firewall configuration and rule-set: regular reviews ensure this essential part of your security apparatus is effective
  • Evaluating a new security appliance (e.g. Switch, Firewall, IDS): ask vendors to submit devices for assessment during any procurement process
  • Assessing high availability devices for their security: configuration reviews are a non-invasive assessment, so you can be confident that the device will function normally throughout the process

PROTECT YOUR BUSINESS

Find out how we can transform your cyber defence and fortify your networks

Get in touch

We love what we do, and we’re passionate about cybersecurity. Since we started out in 2001 (formerly as Pentest Ltd), we’ve continuously invested in research, technology, our people, and the depth of security services we offer.

Every company we partner with gets the full Secarma experience, where we get to know your fears, your challenges and your business goals. Our accredited consultants then deliver a truly bespoke experience to ensure your ongoing peace of mind.

It’s through our decades of training and experience, that we’re able to help protect your business.

  • EXPERIENCE Deep understanding of penetration testing, application security, cybersecurity & training.

  • METHODOLOGY Tailored, finely-tuned, in-house methodologies based on industry best practice.

  • VALUE We treat all clients as partners, and you'll have ongoing access to our consultancy team.

  • EDUCATION We help embed a culture of security, and teach developers how to think like hackers.

Pentest Accreditations Crest Accredited IT Health Check Service ISO 9001 IS0 27001 Cyber Essentials Accreditation