Web Server Configuration Review

Hardening the web servers is considered one of the critical tasks in the security best practices. Web servers are often the primary target, facing the internet and vulnerable to various web attacks such as, port scanning, denial of service and path traversal. Cipher Storm follows the industry best guidelines and methodology to conduct the web server configuration reviews. These reviews provide insight information of the web servers visible to the attacker while performing external tests. Following the specific security procedures and hardening techniques will minimize these risks and limit the affect. Web server configuration is carefully examined to enforce legitimate file and process permissions, content mappings and that no sensitive information is leaked to the attacker. Some of the key configuration areas monitored by our security consultant are, web server’s default content and settings, configuration scripts, product-specific issues and the operating system itself. These steps provide assurance of the resilience of web severs by analyzing them for common misconfigurations and other system-wide security issues. A final report will be provided based on the web server configuration assessment, and how it could be enhanced from the security perspective.

Advanced Malware Analysis (CS-AMA)

Ethical Hacking and Network Defense (CS-EHND)