What is it?
A Client Security Evaluation reviews your organization’s End User Devices (EUDs), such as an employee’s workstation, desktop, or laptop, against security best practices and industry standards. The review is carried out from an authenticated perspective: it uses the permission level of a typical end user and looks for any configuration weaknesses or security vulnerabilities that a threat actor or malicious user could exploit to escalate their privileges and then use that access to the workstation to compromise other devices in your network or domain.
What configuration is reviewed?
The Client Security Evaluation reviews the entire EUD configuration and identifies any weaknesses that could be exploited by a malicious user or threat actor who has gained access to the client. Vulnerabilities will be identified in areas including, but not limited to:
- Physical Security
- Software installation and configuration
- Patches and patch management policies
- Service configuration and permissions
- Password policy and password management
- System logs and auditing
- Privileged system configuration access control
- Any configuration weakness that could be exploited to access another client or server in the network or domain
What is the output from this assessment?
A full technical report will include the following:
- Executive Summary – an explanation of the vulnerabilities encountered, the risk they pose to your organization, whether the objective was completed, and recommendations for any remedial action that should be taken
- Summary of Findings – a table of all vulnerabilities noted during the assessment, the vulnerability title, its risk rating, and the vulnerability’s current state
- Detailed Findings – for each vulnerability:
  - The vulnerability’s risk rating
  - The system, URL or process that contains the vulnerability
  - How the vulnerability was exploited
  - The risk posed to the organization
  - Full technical details of how to replicate the vulnerability
  - Remediation advice
- Appendices – vulnerability output that was noted in the engagement
When evaluating the overall risk rating for each vulnerability, the following factors will be considered:
- Impact – the impact that exploitation of this vulnerability will have on the business or organization
- Risk – the risk posed to the organization if this vulnerability is exploited
- Likelihood – the likelihood that this vulnerability could be exploited
Each vulnerability will have a remediation recommendation, which will include one of the following:
- An official fix, such as a firmware upgrade for hardware or a patch for a publicly disclosed vulnerability
- A workaround, where no official fix is available
- A process improvement, where exploitation of the vulnerability is caused by a business process