It’s common practice for organisations to have a same build for workstations and to roll out these generic images on to every workstation and to some common servers. These generic builds must be approved from a security testing perspective before being accepted as an official build. Very often, such testing is conducted as part of a wider Information Security Assessment which is a strategic piece of work.
A significant danger with this practice is that standard builds may have generic security flaws which could lead to every workstation or server suffer from the same security flaw. 7safe undertakes security testing and penetration testing on the majority of Operating Systems builds.
7Safe undertakes build reviews and security testing against the following Windows (R) platforms and the associated applications that they may host i.e. SharePoint, Exchange etc.
- Microsoft Windows Server 2008
- Microsoft Windows Server 2003
- Microsoft Windows XP
- Microsoft Windows 7
- Microsoft Windows Vista
7Safe has wide and varied experience with Linux build reviews with particular reference to;
- Red hat Linux
- Suse Linux