Security Review

DEFINITION

What is a build review

A Build Review is a detailed and systematic assessment of the security configuration applied to devices and systems within an organisation’s IT environment. This includes servers, laptops, mobile devices, and network equipment such as firewalls, routers, and switches. The objective is to evaluate the effectiveness of current security settings, identify misconfigurations or deviations from best practices, and uncover any weaknesses that could expose the organisation to potential threats.

The review typically examines areas such as user account permissions, patch levels, firewall settings, encryption policies, logging and monitoring configurations, remote access controls, and the alignment of these controls with industry standards or internal security baselines (e.g. CIS Benchmarks, NCSC guidelines).

benefits

Why should you do it

;

Identifying Security Weaknesses

A Build Review helps uncover misconfigurations, outdated settings, and weak or ineffective security controls. By identifying these issues early, organisations can address vulnerabilities before they are exploited by malicious actors, significantly reducing the risk of system compromise.

;

Strengthening Overall Security

Implementing the recommendations provided during a Build Review helps harden devices against attack. From secure configurations and access control policies to encryption standards and endpoint protection mechanisms, the review promotes a more robust and resilient security posture.

;

Improving Patch and Update Management

The review evaluates how patching and software updates are managed across your environment. Proper patch management is essential to protecting systems from known vulnerabilities and reducing the attack surface available to threat actors.

;

Enhancing Visibility and Control

By reviewing baseline configurations across all device types, organisations gain a clearer understanding of their asset inventory, configurations, and potential security gaps. This visibility allows for better security governance and informed decision-making.

;

Supporting Incident Response Readiness

Properly configured systems are better equipped to detect, log, and respond to security incidents. A Build Review helps ensure logging and monitoring capabilities are in place, which is vital for timely detection and investigation of threats.

methodology

Our approach

During a Build Review, our security specialists conduct a comprehensive assessment of how servers, end-user devices (such as laptops and mobile phones), and network infrastructure devices (including firewalls, routers, and switches) are configured. The aim is to verify that these systems are aligned with industry best practices, vendor guidelines, and the organisation’s internal security policies.

 

Scoping and Asset Identification

g g

Configuration Data Collection

 

Analysis Against Best Practices

 

Identification of Gaps and Risks

We begin by working closely with your team to define the scope of the review, identifying which devices, operating systems, and configurations will be assessed. This ensures the review is appropriately targeted and relevant to your environment.

Configuration details are securely collected from the systems in scope. This can be done through direct inspection, secure script execution, or export of configuration files and settings, depending on the environment. We tailor the data collection process to minimise disruption to business operations.

The collected configurations are analysed against recognised security benchmarks such as the CIS Benchmarks, NCSC guidelines, vendor hardening standards, and your organisation’s own security policies. This includes a review of (but not limited to):

User access controls and privilege management
Patch and update settings
Authentication and password requirements
Endpoint protection and encryption
Network and firewall rules
Logging and monitoring configurations
Mobile device management (MDM) policies

Any deviations from security best practices or policy requirements are identified and risk-ranked based on their impact and likelihood of exploitation. We assess both technical misconfigurations and policy-level weaknesses that could put the organisation at risk.

FAQ

Further Information

Do we need to provide full access to systems?

Not always. A sanitised configuration export, system image, or report output may suffice. However, limited or read-only access (e.g., SSH, RDP) improves accuracy and context.

What does a Build Review typically assess?

Build reviews check for, though not limited to:

OS-level security configurations (e.g., services, ports, file permissions)
Patch and update status
User and privilege configurations
Logging and auditing settings
Authentication policies (e.g., password strength, MFA)
Firewall and network settings
Installed software and services
Compliance with security benchmarks

What is a Build Review?

A build review is a security assessment of system configurations, server builds, and infrastructure baselines to ensure they follow security best practices. It helps identify insecure defaults, misconfigurations, or deviations from organizational or industry standards (e.g., CIS Benchmarks, NIST, ISO 27001).

What systems or components can be reviewed?

A build review can include:

Operating Systems (Linux, Windows, macOS)
Databases (MySQL, PostgreSQL, SQL Server, etc.)
Application servers (Apache, NGINX, Tomcat, IIS)
Virtual machines and container images (Docker, Kubernetes nodes)
Network devices (with config dumps)
Mobile Device MDMs

Why is a Build Review important?

Poorly configured systems are a leading cause of security breaches. A build review helps:

Reduce the system’s attack surface.
Identify insecure services, permissions, and settings.
Ensure compliance with regulatory frameworks (e.g., PCI DSS, HIPAA, GDPR).
Improve incident response readiness by enforcing consistent, hardened builds.