Loading...

Business context

Expertware has extensive experience and well-defined processes to remediate findings following internal and external security audits.

Our consultants have broad skills covering access, networking, servers, operating systems and application layers.

We help our customers in performing multi-facets security audits and applying remediation activities.

Our target is raising the security level of a large organizations via a streamlined efficient process.

Depending on the severity of the findings and the remediation timeline desired by our customers, we dispatch a SWAT team that will define the ideal sequence of activities taking into consideration the priorities and the interdependencies.

Increase your data protection and correct your system vulnerabilities.
Be prepared for a secure future.

What we actually do

  • Apply immediate fixes for well-known attack vectors: Kerberoasting, SMB1, TLS, stale adminaccounts, repair permissions for Enterprise Admins.
  • Design and implement network segregation based on the criticality of data and processes.
  • Perform Password Quality Audit: detecting duplicate passwords, known hashes, non-expiring passwords.
  • Deploy Privileged Access Management for servers and workstations.
  • Review / Define / Deploy password policies and controls
  • Design / Implement privileged access workstations (PWA) as published applications (XenApp, RemoteApp) and with minimal delegate set of privileges.
  • Review / Implement secure vault for sensitive credentials.
  • Design and deployed hardening group policies for servers (member servers, DCs, SQL servers, RDS, file servers), and workstations. The policies covered multiple LDAP forests, subdomains taking into consideration sites and federation.
  • Design and deployed local policies for the DMZ workgroup member server (no AD forest). The policy aligned with the AD GPOs.
  • Design and implemented privileged access accounts, privileged groups, and delegation in AD forest with subdomains.
  • Design and implemented AD-integrated PKI (auto-enrollment users and devices, integration with NAP, Radius and NAC)
  • Assessment and cleanup for higher service accounts. Migrated service accounts to managed service accounts where possible.
  • Assessment and cleanup for scheduled tasks.
  • Assessment and cleanup for higher SQL accounts.
  • Planning and deployment for LAPS.
  • Planning and deployment for Bitlocker for workstations and servers.
  • Review and enforce separation between different environments: dev-test - prod.
  • Plan and configured Azure AD Connect following minimal privileged and exposure principles (limited set of fields synched to Azure, no password synced to Azure)
  • Designed and configured secure external sharing solution based on Xpertfiles Enterprise (www.xperfiles.net)
  • Design and configure Network Access Control for LAD and Wi-Fi.
  • Centralize logs and funnel use cases to SIEM (firewalls, NAC, LDAP, server Events).

Click on the link below to schedule a call with one of our subject matter experts.
Let's have a talk
Set up a meeting