Assessment
Strengthen Your Cyber Security with Our Security Configuration Review
FIRMUS CREST penetration testing will perform the Policy Compliance Assessment by adopting mainly on Center of Internet Security (CIS) as the benchmark.
Operating Systems, Databases, and Network Devices comes with their own set of configurations, i.e. security configurations, system configurations, network device configurations, and etc. Some of the organisations practise is to have a checklist of policy compliance for those OS, Database and network devices before the system goes live. This is to ensure those systems / devices are hardened before they are placed in a production environment. This is different from vulnerability scanning, as policy compliance audit determines if a system is configured in accordance with an established policy. The organisation will later have a working idea on the type of configuration parameters, security settings, and sensitive information that are crucial and need to be audited. This can be the setting of the logs, the security settings, password policies, and etc.
FIRMUS CREST penetration testing will perform the Policy Compliance Assessment by adopting mainly on Center of Internet Security (CIS) as the benchmark. If an organisation does not have its own policy compliance checklist, FIRMUS will use the CIS checklist for that organisation.
Scope of Work
Explore Our Assessment Services
Let us help you make informed decisions and set your business up for success through our range of assessment services.
