Information Assurance
What is a build review?
A build review is an assessment of the standardised operating system(s) used by an organisation for provisioning devices. The purpose of this is to identify vulnerabilities in the operating system, software or configuration of the build that could be exploited by a threat actor through:
- Gaining access to the machine.
- Escalating their privileges on a machine.
- Gaining access to information or areas that could be used to cause damage to the business.
Proactive testing helps identify and address these risks before they can be exploited.
What does it do?
A build review can be broken down into several stages and seeks to mimic the processes taken by a real-world threat actor:
Reconnaissance
Information is gathered about the client's builds, such as operating system, available services, third-party software, and configuration. This is done using a combination of automated and manual tools.
Identifying vulnerabilities
The information gathered, alongside initial scans and enumeration, is used to identify vulnerabilities in the build which can be linked to known vulnerabilities in the software, weak configuration or vulnerabilities in how the services are implemented.
Exploitation
Identified vulnerabilities are exploited to demonstrate what impact it could have on the business in the event of a real-world compromise. This is often showcased through gaining access to a vulnerable system or sensitive data, depending on the rules of engagement of the test. It also helps us demonstrate how complex the exploitation of the vulnerability would be for an attacker.
Reporting
A report is created which provides a high-level overview and a technical overview of the vulnerabilities identified, the impact and complexity associated with them, and how these vulnerabilities can be fixed.
The value a build review brings to your organisation
PGI prioritises identified vulnerabilities based on the real-world risk they pose to your organisation, taking into account factors such as impact and complexity. This provides you with informed remediation advice to better prioritise and implement fixes within your environment.
By taking an active role in identifying and addressing vulnerabilities, you are taking a proactive approach to improving your overall security posture and staying one step ahead of threat.
Proactive protection
Identifying and addressing vulnerabilities helps strengthen security, Our approach includes tailored recommendations for a layered defence strategy.
Security assurance
Ensure your services are secure and protected from threats and demonstrate due diligence to your clients.
Risk-based insights
We help you to prioritise vulnerabilities based on real-world risk, providing actionable recommendations for effective fixes.