Skip to content
Salus Cyber

Security Configuration Review

Device Configuration Review

Gain insight into your digital networking estate.

Assess the quality of your deployed network device configuration with our review service.

A build review typically involves the assessment of the technologies leveraged to secure the system, software installed, and user account practices.

Configuration: The assessment will involve checking the assigned host's configurations and mapping them against established security configuration standards such as the Center for Internet Security standard.

Software: The reviewer will evaluate the operating system and software running on the assessed host, focusing on the running versions, missing patches, and publicly known security vulnerabilities.

Exploitation: If agreed as in-scope of the engagement, Salus Cyber consultants will attempt to exploit found vulnerabilities to accurately represent how an attacker could leverage these issues for gain.

First Line Dark


By being proactive and identifying issues in building configuration early, your organisation could save money by avoiding costly data breaches or downtime.


A device configuration review can aid an organisation in establishing a baseline of secure configurations that could be replicated onto the entire estate to work towards a resilient defence-in-depth approach.


Organisation devices, especially end-user devices, are prone to having arbitrary software installed on them or having software left unpatched. Performing a device configuration review assessment could identify such problems before they are taken advantage of by a malicious actor.


Deployment of devices is an important step in developing an organisation’s digital estate, yet many organisations do not have a secure deployment procedure. A device configuration review could facilitate the creation of a “Gold Build” with good security configuration, which the organisation could use to clone future builds.

How we work

Customer Journey

  1. Identify

    First, we take time to familiarise ourselves with your business. This allows us to clearly understand your requirements, your business risks, your key pain-points, and the outcomes you’re looking for.

  2. Understand

    We turn those requirements into crystal-clear scoping and test plan documents, so you know precisely what we’ll be doing, when we will be doing it, and how we will do it.

  3. Test

    We deliver what we promised.

  4. Inform

    Every report we create is unique based on your business, we don’t use cookie cutter data for our summaries or our remediation plans. Our precise and concise findings brief will advise what steps your business needs to take next to reduce cyber risk.

  5. Remediate

    We can ensure that the remediation process is tracked and coordinated within your business, we will allocate resources to point you in the right directions or if you need our help directly with remediation, we’ve got you covered.

  6. Feedback

    Your opinion is important to us, so we send a questionnaire to every one of our customers after each project – so you can let us know how we did.

Request a call back