Share :
Configuration audit methodology
Synetis can carry out a configuration audit of different software and hardware components of your information system. These audits aim to prevent the presence of configuration directives that could lead to a reduction in the level of security, while ensuring that configurations comply with the targeted architecture or external/internal criteria or standards.
For these audits, the methodology is based on our R&D as well as on the hardening guides published by the editor of the audited solution as well as those of the ANSSI or CIS (when they exist).
Our audits can, for example, cover Active Directory solutions, Windows operating systems (7, 8, 10, Server 2003, 2008, 2012, 2016, 2019), any Linux distribution, MySQL databases, Microsoft SQL Server, Oracle SQL, etc., among others. Configuration audits can also be carried out on equipment such as firewalls, proxies and so on.
Below, by way of illustration, are given some recommendations resulting from our configuration audit work:
- Modify unwanted rights that have appeared following the installation of Windows Server 2016 (AD PREP bug) ;
- Modify the composition of privileged groups ;
- Set up a third-party administration model ;
- Reinforce the audited elements in the audit policy.
- Installing MySQL outside system partitions ;
- Check that the MYSQL_PWD variable is not used as an environment variable;
- Disable MySQL user interactive login ;
- Check that the MYSQL_PWD variable is not used in user profiles, etc.
In a broader sense, Synetis also carries out telecommuting or work environment audits, based on a study of the configuration of a corporate workstation. This type of audit aims to verify the hardening of the configuration (according to the state of the art rules) and the possible flaws that could allow an attacker or a malicious collaborator to obtain an increase in privileges.
