When we perform a security assessment, we typically use third party tools to review a customers network environment and prepare a series of reports. The following is a brief overview of the reports that should be included.

Security Risk Report

Risk Score and chart shows the relative health of the network security, along with a summary of the number of computers with issues. This report includes outbound protocols, system control protocols, user access controls, external vulnerabilities summary, and dark web password and credential breaches.

Security Management Plan

Helps prioritize remediation based on the issue risk score. A listing of all security related risks are provided along with recommended actions.

Computer Security Report Card

The Computer Security Report Card assesses individual computers based on security criteria. Devices discovered on the network are assigned an overall score, as well as a specific score for each of the assessment categories detailed in the report card.

Anomalous Login Report

Identify anomalous user logins with this report that methodically analyzes login history from the security event logs. The report uses mathematical modeling and proprietary pattern recognition to highlight potential unauthorized users who log into machines they normally do not access and at times they normally do not log in.

External Vulnerabilities Scan Report

A comprehensive output including security holes and warnings, informational items that can help make better network security decisions, plus a full NMap Scan which checks all 65,535 ports and reports which are open. This is an essential item for many standard security compliance reports.

Outbound Security Report

Highlights deviation from industry standards compared to outbound port and protocol accessibility, lists available wireless networks as part of a wireless security survey, and provides information on Internet content accessibility.

Security Policy Assessment Report

A detailed overview of the security polices which are in place on both a domain wide and local machine basis.

Share Permission Reports

Share Permission Report by Computer lists all network “shares” by computer, detailing which users and groups have access to which devices and files, and what level of access they have.

Share Permission Report by User Organizes permissions by user, showing all shared computers and files to which they have access.

User Behavior Analysis Report

Shows all logins, successful and failure, by user. Report allows you to find service accounts which are not properly configured (and thus failing to login) as well as users who may be attempting (and possibly succeeding) in accessing resources (computers) which thy should not be.

Login History by Computer Report

Same data as User Behavior but inverted to show you by computer. Quite useful, in particular, for looking at a commonly accesses machines (file server, domain controller, etc.) – or a particularly sensitive machine for failed login attempts. An example would be CEO’s laptop-or the accounting computer where you want to be extra diligent in checking for users trying to get in.

Login Failures by Computer Report

Report identifies users who have succeeded in logging in to another machine. Great for auditing/logging purposes to know of all attempts.

Data Breach Liability Report

Identifies specific and detailed instances of personal identifiable information (PII) and cardholder data throughout a computer network that could be the target of hackers and malicious insiders. It also calculates the potential monetary liability and exposure based upon industry published research.

RSOP Settings Reports

RSOP Computer Settings Report

This report analyzes the various Resulting Sets of Policy (RSOP) based on computer policy settings on computers in the environment and can be used to assess how many variants of settings exist in a network. Small variants might be a result of misconfiguration of misapplication of Group Policies st the computer level. Use this report to demonstrate how you might be able to create consistent policies or avoid one-off settings and misconfigurations that lead to inconsistent security policy application.

RSOP User Settings Report

This report analyzes the various Resulting Sets of Policy (RSOP) based on user policy settings on computers in the environment and can be used to assess how many variants of settings exist in a network. Small variants might be a result of misconfiguration of misapplication of Group Policies at the user level. Use this report to demonstrate how you might be able to create consistent policies or avoid one-off settings and misconfigurations that lead to inconsistent security policy application.