A hardening review gives the client a detailed report that compiles the recommended security settings for each of the services available on the asset, as well as a list of the vulnerabilities to which it is exposed. Our system hardening services strengthen companies' cybersecurity structures to contain digital threats.
- We do not use the external black box approach; instead, we analyze all installed technologies, which provides a deeper level of inspection.
- Potential paths of information discovery and elevation of privileges are exploited, which provides a true snapshot of the exposure status of the assessed equipment.
- Detailed information is provided to the team responsible for the asset about why and how to implement the appropriate security enhancements and protections.
- Our system hardening services allow you to fine-tune the configuration of a model that could later be deployed on a larger number of the company's equipment.
System Hardening Services Overview
In hardening reviews, whether it be on servers or user workstations, our cybersecurity team starts with local access to the asset being assessed. In some cases, for a more realistic approach, the review can be performed with physical access to the equipment.
If the credentials provided by the client do not have administrator permissions, the exercise becomes a privilege escalation exercise, with the aim of turning the review into a white box review.
Once the level of privileges available for the review has been confirmed, the configuration of the operating system and its services is checked thoroughly. This review aims to identify all weaknesses and possible improvements in each system service.
What is operating system hardening?
Operating system hardening means making the operating system and the software it hosts on servers or user workstations more secure. It involves protecting, detecting, and responding to network threats to critical business systems, users, and data.
System hardening aims at the correct implementation of security policies, and at the hardening and clear delimitation of the privileges of users, groups and roles and of the configuration of services. Some examples: Active Directory, LDAP, password fortification, firewall, DMZ, etc.
The goal is to make it difficult for hackers and organized groups to attack an organization.
Why is OS hardening important?
It is necessary to follow the best practices recommended by the technology manufacturer to ensure the hardening of the system and the network, disabling services that users do not need. This process mitigates the impact on the systems and users of the organization and the data they host.
An adequate hardening process makes it possible to mitigate "zero-day" attacks, since system hardening goes beyond following a manufacturer's default configurations. Data theft, identity theft, ransomware-type attacks, etc. are avoided.
What are system hardening standards?
There are hardening guides such as CIS controls and different analysis methodologies such as MITRE ATT&CK that allow an in-depth analysis.
For the correct execution of a hardening process, the controls implemented by the client must be compared with those that appear in the guides of international entities (Center for Internet Security, National Institute of Standards and Technology), national entities (National Cryptologic Center) and manufacturers such as Microsoft, Canonical, Red Hat, SUSE, etc.