"Unleash the Power: Solution Efficacy Review for Unmatched Security Control Effectiveness!"
Understand the security solution architecture.
Obtain security solution configuration.
Understand the device feature set that is required to support Client’s business objectives.
Perform an initial review of the critical security settings and patching.
Review the policies and procedures that govern the use of the security solution, including access controls, incident response, and disaster recovery.
Identify the security solution for testing and obtain test account credentials for functionality, including test instances.
Initiate testing from “zero knowledge” of the configuration of the security solution.
Continue testing from perspective of an authorised user attempting to circumvent security controls and gain unauthorised access to restricted functionality.
Identify any gaps in the processes, such as missing or inadequate controls, lack of policies or procedures, or ineffective monitoring or reporting, based on the existing processes and potential risks and threats.
Security Solution configuration
Security Solution architecture documents
Security Solution logging Samples
Access to key personnel associated with the design of the security solution
Credentials, and access for testing from perspective of an authorised user.
A detailed report including the Security Solution testing findings
Recommendations including process gaps to improve overall efficiency of deployed security solution