Servers

What Is It?

Your servers are what host the underlying platform of the services your organisation uses or exposes for others to consume. These are the operating systems that power your computing estate, web services, HR and payroll system, shared file storage, email processing and storage and backend database amongst many more roles. They can be physical or virtual and based on premise, at a third party supplier or in the cloud.

Why Assess It?

There are many reasons to conduct a server security assessment, five of which are below.

Data Protection

Your organisation requires data to function and this tends to reside on servers. To ensure that the appropriate protections are in place it is important to conduct a server security assessment. The requirement to protect data will also cover credential management, such as answering questions about how a privileged user administers the server and does this leave the server and subsequently the organisation open to compromise for example.

Confidence in Configuration

As an organisation you expect configuration to be common where possible, through a server security assessment you can confirm this as well as ratify that the configuration deployed ensures that relevant security hardening has been undertaken to both reduce the likelihood of a successful attack taking place but also impede a threat actors actions should they achieve an initial compromise.

Identify Deprecated Components

Every organisations computing estate is large and diverse. Even with a rigorous patching policy there are still components which will fall through gaps, whether it is servers that have not reported into for their updates for an extended period or if there are software components running on the servers operating system that perhaps are not managed by the organisations patching process. Conducting a server security assessment will identify the presence of any outdated software, at all levels in the server.

Validate Protective Monitoring

By conducting a server security assessment you will gain independent confirmation that your defensive team are observing the actions undertaken on your most critical assets. In addition, you will be able to benefit from a threat actors viewpoint and understand how common tools, tactics and procedures can be detected on servers through targeted monitoring guidance.

Reduce Risk of Network Exposure

For a server to be useful, it needs to fulfil a role in the organisation which also means it generally exposes a service across the network. When a server security assessment is undertaken, you gain the insight of knowing exactly what is exposed and what risk this poses without any guesswork commonly caused by wide ranging network scans.

The Agility Cyber Approach

Like all our engagements, we want you to get the most out of your server security assessment and we do this by:

Additional Software Configuration

Your organisation needs the software on top of the operating system for the server to perform its, role so we do not stop at just the operating system. We look at the software deployed on top to both check for outdated software as well as misconfigurations.

Role Based Perspective

Every server is not the same so whilst there will be common guidance that is applicable across a server estate, we want to be practical and will give targeted recommendations based on the role of the server so as to protect your organisations functions but also to reduce any associated risk.

No False Positives

A server security assessment utilises administrative credentials for full access to the server, this allows us to spend the time validating findings and triaging exactly what is running and how it is configured meaning there are no false positive to report.

Finding Existing Compromises

As we have full access to the server, we take the time to see if there are any indicators of compromise that would suggest a current, or previous, compromise.

Threat Actor Based Intelligence

During the server security assessment we deploy our knowledge of threat actors to both identify as well as provide effective remediation advice for mitigating a genuine attack. We do not simple benchmark your server against a checklist, we ensure that we view your server as an attacker would – namely what objective would they have to get in and how would they achieve a suitable end goal. This allows us to go a step above with our assurance and provide novel ways for you to impede a threat actor.

Benefits of Partnering with Agility Cyber

Mutually Invested

Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.

Clarity and Simplicity

We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.

Full Consultancy

Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.

Impartiality

We are impartial, we do not sell you products or the latest buzzword laden trending solution.

Outstanding Service

We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.

Scroll to Top