© 2020 Content Security Pty Ltd.

security assurance services

Configuration Reviews and Audits

In an ever-changing security landscape, our configuration reviews provide necessary, collective and consistent expertise to keep your IT infrastructure up-to-date and compliant.

With so many regulations and standards to meet, where are businesses to look for cohesive cyber security guidance?

Baseline guidance for enhanced cyber defence capabilities has never been more important

In today’s rapidly evolving security ecosystem, businesses need consistent and cohesive direction on how to best configure their technology investments. This is especially true for the masses of enterprises undergoing digital transformations, and furthermore, for the many looking to strengthen their cyber security defences against evolving threats. Thankfully, the CIS Benchmarks provide a means of doing so in a cost-effective, cohesive manner. 

The Center for Internet Security: well-defined, unbiased industry best practice

The Centre for Internet Security (CIS) is a not-for-profit organisation who identifies, provides and promotes consensus-based best practice security standards and policies. The CIS Benchmarks act as an expertly crafted guide for calibrating and configuring a range of IT products.

There are over 140 benchmarks, with the extensive list spanning several core technology categories such as server software, cloud providers, desktop software, network devices and more. With the help of our configuration reviews, you can meet these benchmarks and safeguard your systems from evolving cyber threats.

CIS benchmark

The earlier you conduct a configuration review, the more you can minimise costs and avoid potential delays

There's no better time than the present - prioritise your security today

A flawed design or implementation can increase security risks and as a result, can lead to extensive financial and legal repercussions. An early design or configuration review in the system lifecycle will enable your organisation to minimise these costs and prevent delays.

Any vulnerabilities within your IT and security systems have the potential to instantly denigrate the security of your entire organisation

Ensuring the highest standard of security starts with the CIS Benchmark

Our security consultants are able to review the security configuration across a wide variety of your systems, servers and devices. We identify where your IT and technology systems are lacking in comparison to the CIS benchmarks and other industry standards, thus guiding you on the road to more robust and secure configurations.

Guided by industry best practice

The primary objective of our configuration reviews is to ensure your environment is meeting industry best practice. Therefore, we leverage the extensive CIS benchmarks as a guide, comparing your technology to industry best practices as well as current attack vectors.

High-level documentation review

Consulting these globally recognised industry standards and utilising leading technologies, our security consultants analyse your high-level documentation. As a result, we’re able to deliver a customised and comprehensive risk assessment of the in scope environments.

Detailed reporting and recommendations

We collate any audit findings in a detailed report, assessing your settings in comparison to the CIS benchmarks. In addition to general evaluation details, we provide recommendations for any remediations and further enhancement of your security posture.

Unveil your true state of security

This assessment identifies any poor security practices and common misconfigurations present in your systems to secure you now and into the future. For instance, we’re able to test the security of your AWS environment to ensure strong foundations for future deployments.

Ensure CIS Benchmark compliance across a wide range of environments

We're able to conduct configuration reviews in line with the seven core categories of CIS Benchmarks and other industry standards

The environments listed here are provided as a sample of the configuration reviews we conduct. Please contact us for more information on our entire suite of review offerings.
The objective of this configuration review is to ensure your AWS environment has suitable security controls in place for the data it’s processing and to form secure foundations for future AWS deployments.
We analyse your Azure cloud infrastructure for insecure account configurations, insufficient logging and monitoring, SQL server encryption and more.
Office is one of the most commonly used desktop software applications and is thus one of the most commonly reviewed environments by our team. The benchmark focus is mainly on email privacy, default browser settings and third-party software blocking.
Active Directory (AD) contains core configuration and authentication and therefore requires high levels of security to protect an organisation’s hierarchy. We check for common security misconfigurations in addition to weak password policies, inactive user accounts and more.
In a similar vein to penetration testing, our SOE audits identify security vulnerabilities that are likely to be exploited by attackers. We compare your organisation’s current settings to the CIS benchmarks, the Microsoft Security Compliance Toolkit (MSCT), and Australian Cyber Security Centre (ACSC) hardening guideline.
Our testers perform account audits on your directory services, LDAP and applications. During these reviews, we ensure users have appropriate permissions set and that leftover or unused administration accounts are not left as open doors to your systems.
CIS benchmark

Benefits of configuration reviews and audits

Gain compliance with the NIST framework, PCI DSS and more

The CIS Benchmarks are known to map closely against the NIST Cyber Security Framework (CSF), the PCI DSS (Payment Card Industry Data Security Standard) and other regulatory frameworks. Thus, one of the key advantages of our configuration reviews is helping you make significant strides towards compliance with these standards.

Securely adopt and deploy new cloud services and configurations

Our goal is to secure your environment now and into the future. Certainly one of the most important aspects of any security assessment is ensuring that the client’s environment is flexible enough for change and forms the foundations for future deployments.

Leverage the collective expertise from a global community of IT and security professionals

The CIS Benchmarks are continuously updated and backed by a unique, consensus-based decision-making model. Therefore, our configuration reviews ensure you’re able to draw on our expertise, in addition to the global community of cyber security and IT professionals.

Up-to-date and easy guidance on securing your IT infrastructure

Part of our responsibility as your trusted cyber security partner is to ensure you’re kept up to date on security releases and the general threat landscape. In order to achieve this, we continuously check for new standards and benchmarks, ensuring these are integrated into our review process.

Why Content Security?

21 years’ experience and comprehensive qualifications

With cyber threats constantly evolving, you need up-to-date and qualified security specialists to keep your organisation secure and compliant. Our senior technical team can includes qualified software engineers, ISO 27001 auditors, PCI QSAs, and IT security professionals.

ISO 27001

OSCP

CRT

PCI QSA

For more information please contact our cybersecurity professionals today.