
Device Audit

Whether it is your device operator, manufacturer or service provider, secure device configuration is an important element in ensuring the security of components responsible for data transport. 


Overview

Devices play an integral role in any infrastructure environment, because they are the points you have to connect in order to communicate with the outside world, adjacent networks or other trusted vendor networks. The importance of secure configuration for good hygiene can't be underestimated in this area. A device audit includes comprehensive checks around stable and secure firmware, patch management, user and administrative interface restrictions, use of strong and multi-factor authentication, and device-related secure configuration steps.

Why do you need a Device Audit?

  • Based on the positioning of the devices, security is an important element to assure confidentiality, availability and integrity of data traversing these devices. 
  • This exercise validates secure architecture practices in use by the internal teams. This includes, but is not limited to, network design, Active Directory integrations with third-party devices, internal dashboards and bespoke devices.
  • Compromise of these devices could easily lead to business downtime, loss of revenue and in some cases even bad reputation as seen for some banks in media recently.

Methodology

Reporting

The assessment-execution phase is followed by the analysis & reporting. Defendza performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels. 

The pro-active approach towards security

Cybersecurity is only effective when it is proactive. By identifying weaknesses and vulnerabilities before they are exploited, you ensure the integrity of your network. Frequent security assessments also create a more efficient system, helping to prevent data loss and minimise any downtime that would affect your business and your customers.

A fresh set of eyes

No one doubts the talent and commitment of your in house administrators and developers, or the great work they’re doing. But, by having a third party come in and perform an independent cybersecurity audit and review of your systems, you can ensure that no stone is left unturned. Our team of skilled cybersecurity experts will help to identify any vulnerabilities and weaknesses your team may have missed.

Logging

Event logging provides you with visibility into the operation of your device and the network into which it is deployed. We review how the logs are configured and stored for all the devices under review.

The very purpose of security is to be proactive and make it challenging for a threat actor attempting to compromise your network. This might not be enough, and you need to be able to detect actual breaches as they are being attempted. Reviewing logs regularly could help identify malicious attacks on your device or network in general.

Rules / ACL Review

We review the ACLs / rules applied in the device configuration to ensure no additional or inappropriate files have been configured. This also includes identifying any inactive or disabled rules.

Devised to prevent unauthorized direct communication to network devices, infrastructure access control lists (ACLs) are one of the most critical security controls that can be implemented in networks. Infrastructure ACLs leverage the idea that nearly all network traffic traverses the network and is not destined to the network itself.

Patching

As part of the audit, we review the device operating system and version in use. We also review the patching policy and whether the device under review is part of this policy.

A patch management policy is important for keeping your system's security regularly updated. Patch management involves obtaining, testing, and installing several patches to the computer system to keep it safe against malware attacks. The tasks carried out during patch management include: keeping up to date on which patches are available, determining what patches are right for your system, making sure that these patches are properly installed, testing your system after installation, and documenting all related procedures.

Review Services

We analyse the underlying device for excessive and unnecessary services, default access credentials, management services (such as Telnet and SSH), and general configuration.

As a security best practice, any unnecessary service must be disabled. These unneeded services, especially those that use User Datagram Protocol (UDP), are infrequently used for legitimate purposes but can be used to launch DoS and other attacks that are otherwise prevented by packet filtering.

Authentication Server

Passwords control access to resources or devices. This is accomplished through the definition of a password or secret that is used to authenticate requests. When a request is received for access to a resource or device, the request is challenged for verification of the password and identity, and access can be granted, denied, or limited based on the result.

We review the type of authentication mechanism implemented on the device. In addition, the password policies applied to the roles, privileges and user accounts on the device are reviewed by analysing the password hash, if that is obtained from the device config.

Management Plane

The management plane consists of functions that achieve the management goals of the network. This includes interactive management sessions that use SSH, HTTPS (if web interface available) as well as statistics-gathering with SNMP. When you consider the security of a network device, the management plane must be protected. If a security incident can undermine the functions of the management plane, it can be impossible for you to recover or stabilize the network.

The management plane is the plane that receives and sends traffic for operations of these functions. You must secure both the management plane and control plane of a device, because operations of the control plane directly affect operations of the management plane.
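The logging, services and management-plane checks described above can be expressed as a small configuration auditor. This is an added example, not Defendza's tooling: the page names no device platform, so Cisco IOS-style syntax is assumed, and the sample configuration and finding names are constructed for illustration.

```python
import re

# Constructed IOS-style configuration (sample data, not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
service udp-small-servers
ip http server
no ip http secure-server
snmp-server community public RO
access-list 110 permit tcp any any eq 22
line vty 0 4
 transport input telnet ssh
 login local
"""

# Lines that should not be present: (finding id, pattern, description).
FORBIDDEN = [
    ("udp-small-servers", r"^service udp-small-servers", "unneeded UDP small services enabled"),
    ("tcp-small-servers", r"^service tcp-small-servers", "unneeded TCP small services enabled"),
    ("http-mgmt", r"^ip http server", "cleartext HTTP management interface enabled"),
    ("snmp-default", r"^snmp-server community (public|private)\b", "default SNMP community string"),
    ("telnet", r"^\s*transport input .*\btelnet\b", "Telnet permitted on management lines"),
]

# Lines that must be present somewhere in the configuration.
REQUIRED = [
    ("no-syslog", r"^logging (host )?\d+\.\d+\.\d+\.\d+", "no remote syslog destination configured"),
    ("no-vty-acl", r"^\s*access-class \S+ in", "no ACL restricting management (VTY) access"),
]

def audit(config):
    """Return (finding id, line number, description); line 0 means a missing setting."""
    findings = []
    lines = config.splitlines()
    for fid, pattern, desc in FORBIDDEN:
        for number, line in enumerate(lines, 1):
            if re.search(pattern, line):
                findings.append((fid, number, desc))
    for fid, pattern, desc in REQUIRED:
        if not re.search(pattern, config, re.MULTILINE):
            findings.append((fid, 0, desc))
    return findings

if __name__ == "__main__":
    for fid, number, desc in audit(SAMPLE_CONFIG):
        where = f"line {number}" if number else "missing"
        print(f"[{fid}] {where}: {desc}")
```
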


Why Defendza?

Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

Custom tools and scripts

Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.

In-house experts

Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.

Key Benefits


Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledgeable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

"Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company
