The following are incorporated in the assessment:
– Vendor and version checking (known vulnerabilities and/or critical concerns)
– Current infrastructure configuration (cloud, on premise or hybrid)
Base line configuration requirements:
– System Logging and Monitoring
– Backup and Recovery
– Sub-OS hardening status
– User and Admin Access
– CLI query and open port queries.
Security Policies in place incorporating:
– Security Policy structure and definition
– Policy effectiveness (targeted and broad)
– Policy performance and use
This is all amalgamated into a central report that outlines the key concerns in priority and recommended actions necessary.
Infrastructure security health