© 2020 Content Security Pty Ltd.

Threat Ops

Design & Configuration Review

Identify weakness in your security architecture with a review designed to assess, improve and re-engineer your current design to meet industry best practice and current attack vectors.

To identify any weaknesses inherent in the design of your security architecture, we will analyse the high-level system documentation focussing on the purpose of the system. To provide a customised risk assessment, we compare the security architecture design against both industry best practices and current attack vectors.

Once this has been completed, we may recommend building, improving, or reengineering your design to meet the following: organisational policies, industry best security practices and compliance standards (i.e. CIS, HIPAA, FERPA, GLBA etc.), legislation and regulations.

An early design or configuration review in the system lifecycle process will enable your organisation to minimise costs and prevent delays. A flawed design or implementation can increase the security risks and can have legal repercussions.

Desired outcomes

Unlike a software requirements specification, a security architecture review will clarify whether the design or configuration will prevent desired functionality, will cause unintended functions or will affect security controls.

Our design and configuration reviews provide security best practice recommendations for:

  • Authentication
  • Cryptography
  • Information the system will hold (PII / PCI DSS) and how it is held
  • User roles and permissions
  • Interactions with external systems
  • Software and framework choices.

Why Content Security?

Our team are seasoned, experienced and business-minded security consultants with an average of 10 years experience having conducted hundreds of design and configuration reviews for clients across state and local government, health, finance and nonprofit organisations.

For more information please contact our cybersecurity professionals today.