The goal of a host audit is the analysis of individual servers on OS level. For that, we use a administrative access to audit the configuration as well as the patch level of the corresponding host in a whitebox procedure. Compared to an infratructure penetration test, this procedure can identify outdated and possibly vulnerable services way faster and more comprehensively. In addition to that, the configuration of the server can be audited, which is not the case with a penetration test.
An overview of the existing configuration and it’s divergences will be created and every deviation from the recommendation will be assessed regarding it’s potential risk.
We base our methods on the common best practices of the center of internet security and analyze every host both manual and automated. Aside from the configuration analysis, the installed software is also scanned for outdated versions. That also helps to uncover flawed update procedures that can occur when (e.g.) services aren’t properly restarted. Among other things, internal virus databases and certificate revocation lists are also evaluated which is usually not the case in a normal OS update procedure.
We assist you:
- Examination of the server’s running software regarding vulnerabilities (also software that isn’t reachable over network is examined)
- Comparison between the configuration of the server and common best practices
- Extensive report with proposed measures in your desired format
- Additional list of hardening measures in tabular form for easy further processing
Our analysis is oriented towards the most common standards: