
Overview

Secure build reviews deal with understanding the Operating System's hardening practices from an end-user perspective and identifying gaps within your security. A misconfigured server in a network can act as a stepping stone for a threat actor to jump on to other servers.

Why do you need Security Awareness?

Because testing time is limited, a network-level penetration test is unable to assess all facets of Operating System (OS) configuration. A focussed build review helps your organisation assess and prepare a benchmark (a.k.a. gold build) to be used as the standard before deploying OS builds across the estate. Any improvements arising from build review findings can be implemented on a single gold build, rather than facing numerous challenges deploying changes across all hosts/servers within your network.

It is important to have a robust and secure build that is consistently deployed across the estate. This provides assurance that all business-critical systems are protected from both network and local attack perspectives.

Methodology

Miscellaneous Checks

Additional checks around the following are also part of this assessment. These include (but are not limited to):

  • Logging and monitoring solution review
  • Reviewing the services enabled on the server
  • Identifying clear-text passwords stored on the server
  • AppLocker settings applied against the apps installed

Group Policy Settings Review

Group Policy allows administrators to define security policies for users and the servers within the network. These policies are administered from a central location and are exclusive to the Windows operating system. Among other things, the policy settings generally enforce password settings, external media access, network-level access, patching schedule and application restrictions.

A well-configured group policy ensures a safer network for an organisation and minimises the attack window for a threat actor to gain unauthorised access.

User Accounts & Privilege Level Check

A privileged user account has unlimited permissions to systems or data stored on a network. A person with a privileged account is in a position to make changes to system configuration, read / modify sensitive data and grant other users access to business-critical areas (including creating additional accounts). Privileged accounts within an organisation fall under the following types:

  • Domain administrator
  • Local administrator
  • Service accounts
  • Business privileged user accounts

A build review identifies the list of user accounts and their privileges, making the business aware of the threat a server is exposed to.

OS & Third-Party Patch Check

A vast majority of cyber attacks take advantage of known software and hardware vulnerabilities. Unpatched software, including the Operating System (OS) and third-party applications, can attract malicious code to the vulnerable servers. Software patching can act as a defensive armor that repels malicious attacks and protects your organisation against multiple exploits.

Antivirus / Firewall Security

A firewall provides protection from prying eyes and stops malicious intruders from gaining unauthorised access to your business-critical servers. A well-configured firewall prevents confidential / sensitive information from being sent out from your server without explicit permission.

Similarly, an updated antivirus can provide a first layer of host-based protection against malicious code harming the server.

Disk encryption

Full disk encryption is a cryptographic method that applies encryption to the entire hard drive, including data, files, the operating system and software programs. If a device / server is stolen or unauthorised physical access is achieved, this could be disastrous for a company. Without disk encryption, a threat actor would gain access to sensitive information such as personally identifiable information (PII) or proprietary information stored on the device.

BIOS / Boot Security

Your server's BIOS or UEFI firmware offers the ability to set lower-level passwords. These passwords restrict people from booting the server, booting from removable devices, and changing BIOS or UEFI settings without an administrator's permission.

Why Defendza?

Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

Custom tools and scripts

Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.

In-house experts

Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.

Key Benefits


Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledgeable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

"Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star. They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company
