Infrastructure Penetration Testing

Open-Source Intelligence (OSINT) Security Assessment

Service Overview

The Open-Source Intelligence (OSINT) Security Assessment evaluates information about an organisation that is publicly accessible without requiring direct interaction with internal systems or networks.

The purpose of this assessment is to identify data points that may be leveraged by a threat actor during reconnaissance, social engineering, or the planning of more targeted attacks. By understanding what is visible externally, organisations can better manage their digital footprint and reduce unnecessary exposure.

Scope & Focus

The assessment may include, but is not limited to, the analysis of:

• Domain and subdomain discovery
• Public DNS and network information
• IP address attribution and hosting relationships
• Cloud asset identification
• Publicly exposed services and endpoints
• Metadata and configuration leakage
• Public code repositories and development artefacts
• References to breached or leaked data
• Public references to staff, roles, and organisational structure

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The OSINT Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• automated discovery techniques for scale and coverage
• manual analysis for contextual accuracy and relevance

This ensures that findings are both technically sound and operationally meaningful.

Outputs & Reporting

Clients receive:

• A dedicated OSINT Security Assessment report
• Identified exposures with contextual risk explanation
• Practical recommendations for reducing public-facing risk
• Secure access to findings via the Nanorisk Security Portal

Findings are prioritised to support informed decision-making and remediation planning.

Important Notes

• This assessment is passive and non-intrusive, involving no active exploitation or interaction with internal systems
• Findings reflect publicly available information at the time of testing and represent a point-in-time view of exposure
• The assessment does not guarantee identification of all public references or data sources

External Infrastructure Security Assessment

Service Overview

The External Infrastructure Security Assessment evaluates the security posture of an organisation's internet-facing systems and services.

The objective of this assessment is to identify vulnerabilities and weaknesses that could be exploited by external attackers without prior access to internal systems. It provides insight into how exposed the organisation is to real-world attack techniques originating from outside the network perimeter.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Public IP address ranges and externally accessible hosts
• Network services and exposed ports
• Internet-facing applications and management interfaces
• Perimeter security controls
• Authentication mechanisms and access controls
• Known vulnerabilities and misconfigurations
• Publicly exposed administrative services
• TLS/SSL configurations and certificate management

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The External Infrastructure Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

Testing combines:

• automated discovery for breadth and efficiency
• manual verification and exploitation for accuracy and realism

All testing is performed in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A detailed External Infrastructure Security Assessment report
• Identified vulnerabilities with risk context and prioritisation
• Clear, actionable remediation recommendations
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings are structured to support both technical remediation and executive-level decision-making.

Important Notes

• This assessment is performed from an external attacker perspective and does not assume prior network access
• Findings reflect a point-in-time view of the environment during the assessment period
• The assessment does not guarantee identification of all vulnerabilities or attack paths

Internal Infrastructure Security Assessment

Service Overview

The Internal Infrastructure Security Assessment evaluates the security of systems, services, and controls within an organisation's internal network environment.

The objective of this assessment is to identify vulnerabilities and weaknesses that could be exploited by an attacker who has gained an initial foothold within the network, whether through compromised credentials, a malicious insider, or a successful external breach.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Internal network hosts and services
• Privileged and non-privileged user access
• Authentication and authorisation mechanisms
• Lateral movement opportunities
• Privilege escalation paths
• Network trust relationships
• Security controls and monitoring effectiveness
• Internal service and system misconfigurations

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Internal Infrastructure Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

Testing combines:

• automated discovery to identify exposure and attack surface
• manual analysis and exploitation to validate real-world risk

All testing is conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A detailed Internal Infrastructure Security Assessment report
• Identified vulnerabilities with risk context and prioritisation
• Clear, actionable remediation recommendations
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support both tactical remediation and strategic improvement of internal security posture.

Important Notes

• This assessment assumes some level of internal access and does not represent a perimeter-only security view
• Findings reflect a point-in-time view of the environment during the assessment period
• The assessment does not guarantee identification of all vulnerabilities or attack paths

Network Segmentation Security Assessment

Service Overview

The Network Segmentation Security Assessment evaluates the effectiveness of network segmentation controls within an organisation’s environment.

The objective of this assessment is to determine whether systems, users, and data are appropriately separated to reduce attack surface, limit lateral movement, and contain the impact of a security breach.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Network zones, VLANs, and security boundaries
• Access control lists and routing policies
• Inter-segment trust relationships
• Segmentation enforcement mechanisms
• East-west traffic controls
• Privileged access pathways between segments
• Effectiveness of isolation between critical systems
• Design alignment with security and business requirements

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Network Segmentation Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

Testing combines:

• architectural review to understand segmentation design
• validation testing to assess enforcement and bypass potential

All testing is conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Network Segmentation Security Assessment report
• Identified weaknesses with contextual risk explanation
• Practical recommendations to improve segmentation and containment
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improvements in both security architecture and operational resilience.

Important Notes

• This assessment focuses on containment and control effectiveness rather than vulnerability discovery alone
• Findings reflect a point-in-time view of the environment during the assessment period
• The assessment does not guarantee identification of all segmentation weaknesses

Network Device Configuration Security Assessment

Service Overview

The Network Device Configuration Security Assessment evaluates the security posture of network devices through the review of their configurations and operational controls.

The objective of this assessment is to identify misconfigurations, insecure settings, and deviations from security best practice that could expose the organisation to compromise or operational risk.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Routers, switches, and network appliances
• Device hardening and baseline compliance
• Management plane security
• Authentication and access controls
• Logging and monitoring configurations
• Network protocols and services
• Firmware versions and patch levels
• Resilience and failover configurations

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Network Device Configuration Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration review against recognised security benchmarks
• validation testing to confirm control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Network Device Configuration Security Assessment report
• Identified configuration weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved security, stability, and operational resilience.

Important Notes

• This assessment focuses on configuration and control effectiveness rather than active exploitation
• Findings reflect a point-in-time view of device configurations during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Environment Breakout Security Assessment

Service Overview

The Environment Breakout Security Assessment evaluates the effectiveness of containment mechanisms designed to isolate systems, applications, or users within restricted environments.

The objective of this assessment is to determine whether it is possible to escape from constrained execution contexts and gain unauthorised access to broader systems, networks, or privileges.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Virtual machines and hypervisor isolation
• Containers and sandboxed environments
• Application-level isolation controls
• Privilege boundaries within restricted environments
• Inter-environment trust relationships
• Misconfigurations enabling escape or privilege escalation
• Host and orchestration security controls

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Environment Breakout Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

Testing combines:

• architectural and configuration review
• controlled testing to validate containment effectiveness

All testing is conducted in accordance with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• An Environment Breakout Security Assessment report
• Identified weaknesses in containment mechanisms with risk context
• Recommendations to strengthen isolation and boundary enforcement
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improvements in system design and security architecture.

Important Notes

• This assessment focuses on isolation and containment rather than general vulnerability discovery
• Findings reflect a point-in-time view of the environment during the assessment period
• The assessment does not guarantee identification of all potential breakout paths

Operating System Build Review Security Assessment

Service Overview

The Operating System Build Review Security Assessment evaluates the security posture of operating system builds against recognised security best practice and hardening standards.

The objective of this assessment is to identify insecure configurations, unnecessary services, and deviations from baseline controls that could increase the risk of compromise or operational instability.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Operating system configuration baselines
• User and privilege management
• Service and process hardening
• Patch and update management
• Logging and monitoring settings
• Authentication and access controls
• Default configurations and inherited weaknesses
• Alignment with recognised hardening guidelines

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Operating System Build Review Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and baseline review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• An Operating System Build Review Security Assessment report
• Identified configuration weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security hardening best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved system resilience and security consistency across environments.

Important Notes

• This assessment focuses on configuration and build integrity rather than active exploitation
• Findings reflect a point-in-time view of system builds during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Web Server Configuration Security Assessment

Service Overview

The Web Server Configuration Security Assessment evaluates the security posture of web server platforms through the review of their configuration and operational controls.

The objective of this assessment is to identify misconfigurations, insecure defaults, and deviations from security best practice that could expose hosted applications or data to compromise.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Web server software configuration and hardening
• Enabled modules and services
• TLS/SSL configuration and certificate handling
• Authentication and access controls
• Directory and file permissions
• Logging and monitoring settings
• Default configurations and inherited weaknesses
• Alignment with recognised security benchmarks

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Web Server Configuration Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration review against security best practice
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Web Server Configuration Security Assessment report
• Identified configuration weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security hardening best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved security, reliability, and consistency across web hosting environments.

Important Notes

• This assessment focuses on configuration and platform security rather than application logic
• Findings reflect a point-in-time view of server configurations during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Active Directory Configuration Review Security Assessment

Service Overview

The Active Directory Configuration Review Security Assessment evaluates the security posture of an organisation’s Active Directory environment through the review of its configuration, permissions, and operational controls.

The objective of this assessment is to identify weaknesses that could enable unauthorised access, privilege escalation, or compromise of identity and access management controls.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Domain and forest configuration
• User, group, and service account permissions
• Privileged access controls
• Group Policy configuration
• Authentication and authorisation mechanisms
• Trust relationships and delegation settings
• Replication and directory services security
• Alignment with recognised security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Active Directory Configuration Review Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and permissions review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• An Active Directory Configuration Review Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved identity security and reduction of systemic privilege-related risk.

Important Notes

• This assessment focuses on identity and access control integrity rather than general vulnerability scanning
• Findings reflect a point-in-time view of directory configuration during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Cloud Environment Security Assessment

Service Overview

The Cloud Environment Security Assessment evaluates the security posture of cloud-hosted infrastructure and services across public, private, or hybrid cloud environments.

The objective of this assessment is to identify configuration weaknesses, insecure deployments, and control gaps that could expose cloud resources, data, or services to compromise.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Cloud account and tenancy configuration
• Identity and access management controls
• Network security and segmentation within the cloud environment
• Storage and data protection mechanisms
• Virtual machine and platform security settings
• Logging, monitoring, and alerting configurations
• Exposure of cloud services to the public internet
• Alignment with recognised cloud security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Cloud Environment Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• architectural and configuration review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Cloud Environment Security Assessment report
• Identified security weaknesses with contextual risk explanation
• Prioritised recommendations aligned with cloud security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved visibility, control, and resilience across cloud environments.

Important Notes

• This assessment focuses on configuration and control effectiveness rather than application-level testing
• Findings reflect a point-in-time view of the cloud environment during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Firewall Configuration Security Assessment

Service Overview

The Firewall Configuration Security Assessment evaluates the security and effectiveness of firewall rules, policies, and associated controls within an organisation’s environment.

The objective of this assessment is to identify misconfigurations, overly permissive rules, and control weaknesses that could expose systems or data to unauthorised access.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Firewall rule sets and security policies
• Network access control enforcement
• Ingress and egress filtering controls
• Management plane security
• Logging and monitoring configuration
• Change control and rule lifecycle management
• Alignment with network security architecture
• Compliance with security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Firewall Configuration Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and policy review
• validation testing to assess enforcement effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Firewall Configuration Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved perimeter control and reduced exposure to network-based threats.

Important Notes

• This assessment focuses on policy and control effectiveness rather than device exploitation
• Findings reflect a point-in-time view of firewall configuration during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

VPN Configuration Review Security Assessment

Service Overview

The VPN Configuration Review Security Assessment evaluates the security posture of Virtual Private Network (VPN) implementations used to provide remote or site-to-site connectivity.

The objective of this assessment is to identify misconfigurations, weak controls, and design weaknesses that could compromise secure remote access or network segmentation.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• VPN architecture and deployment design
• Authentication and access control mechanisms
• Encryption protocols and key management
• User and device access policies
• Management and administrative access controls
• Logging and monitoring configuration
• Integration with identity and security systems
• Alignment with recognised security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The VPN Configuration Review Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and design review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A VPN Configuration Review Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved remote access security and reduced risk of unauthorised network access.

Important Notes

• This assessment focuses on configuration and control effectiveness rather than exploitation of endpoints
• Findings reflect a point-in-time view of VPN configuration during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Voice Over IP (VoIP) Device Security Assessment

Service Overview

The Voice Over IP (VoIP) Device Security Assessment evaluates the security posture of VoIP systems and associated devices within an organisation’s communications environment.

The objective of this assessment is to identify vulnerabilities, misconfigurations, and control weaknesses that could enable unauthorised access, service disruption, or interception of voice communications.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• VoIP endpoints and hardware devices
• Call management and signalling infrastructure
• Authentication and access control mechanisms
• Network exposure and segmentation controls
• Encryption of voice and signalling traffic
• Management interfaces and administrative access
• Firmware versions and patch levels
• Alignment with recognised VoIP security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The VoIP Device Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and architecture review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A VoIP Device Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved reliability and security of voice communications.

Important Notes

• This assessment focuses on device and infrastructure security rather than call content analysis
• Findings reflect a point-in-time view of the VoIP environment during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Database Configuration Review Security Assessment

Service Overview

The Database Configuration Review Security Assessment evaluates the security posture of database platforms through the review of configuration, access controls, and operational settings.

The objective of this assessment is to identify misconfigurations, weak controls, and deviations from security best practice that could expose sensitive data or enable unauthorised access.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Database platform configuration and hardening
• Authentication and access control mechanisms
• Privileged user and service account permissions
• Encryption and data protection controls
• Logging, auditing, and monitoring configuration
• Patch and update management
• Default configurations and inherited weaknesses
• Alignment with recognised database security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Database Configuration Review Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration review against security best practice
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Database Configuration Review Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved protection of sensitive data and system resilience.

Important Notes

• This assessment focuses on configuration and access controls rather than application-layer testing
• Findings reflect a point-in-time view of database configuration during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Secure Network Development Security Assessment

Service Overview

The Secure Network Development Security Assessment evaluates the security considerations embedded within the design and implementation of network environments.

The objective of this assessment is to identify weaknesses in network architecture, development practices, and design decisions that could introduce systemic security risks or operational vulnerabilities.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Network architecture and design documentation
• Security requirements and design controls
• Segmentation and trust boundary definition
• Secure configuration standards and baselines
• Integration of security within network development processes
• Change management and design governance
• Alignment with security and business requirements
• Adherence to recognised secure network design principles

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Secure Network Development Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• design and documentation review
• validation testing to assess control implementation

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Secure Network Development Security Assessment report
• Identified design weaknesses with contextual risk explanation
• Practical recommendations to strengthen network security by design
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support long-term improvements in security architecture and resilience.

Important Notes

• This assessment focuses on security by design rather than operational vulnerabilities alone
• Findings reflect a point-in-time view of network design and development practices
• The assessment does not guarantee identification of all architectural weaknesses

Stolen Device Security Assessment

Service Overview

The Stolen Device Security Assessment evaluates the security controls and operational readiness of an organisation in the event of a device being lost or stolen.

The objective of this assessment is to determine whether appropriate safeguards are in place to protect data, credentials, and systems from compromise following the loss or theft of a device.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Device encryption and data protection controls
• Authentication mechanisms and access restrictions
• Remote wipe and device management capabilities
• Local data storage and caching behaviour
• Credential storage and session handling
• Incident response procedures related to lost devices
• User awareness and reporting processes
• Alignment with recognised mobile and endpoint security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Stolen Device Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and control review
• validation testing to assess protection effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Stolen Device Security Assessment report
• Identified weaknesses with contextual risk explanation
• Practical recommendations to reduce risk associated with lost or stolen devices
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved resilience against endpoint loss and unauthorised access.

Important Notes

• This assessment focuses on control effectiveness rather than simulated theft scenarios
• Findings reflect a point-in-time view of endpoint protection and response capabilities
• The assessment does not guarantee identification of all control weaknesses

Mobile Device Configuration Security Assessment

Service Overview

The Mobile Device Configuration Security Assessment evaluates the security posture of mobile devices through the review of their configuration and applied security controls.

The objective of this assessment is to identify misconfigurations, weak controls, and deviations from security best practice that could expose organisational data or systems via mobile endpoints.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Device security configuration and hardening
• Authentication and access control mechanisms
• Data encryption and protection settings
• Application permissions and restrictions
• Operating system patch levels and update management
• Local data storage and backup controls
• Integration with enterprise security systems
• Alignment with recognised mobile security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Mobile Device Configuration Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration review against security best practice
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Mobile Device Configuration Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations aligned with mobile security best practice
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved security and management of mobile endpoints.

Important Notes

• This assessment focuses on configuration and control effectiveness rather than application testing
• Findings reflect a point-in-time view of mobile device configuration during the assessment period
• The assessment does not guarantee identification of all configuration weaknesses

Mobile Device Management Security Assessment

Service Overview

The Mobile Device Management (MDM) Security Assessment evaluates the security posture and effectiveness of an organisation’s MDM solution and associated controls.

The objective of this assessment is to identify weaknesses in policy enforcement, device governance, and management controls that could undermine the security of mobile endpoints and organisational data.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• MDM platform configuration and security settings
• Policy enforcement mechanisms
• Device enrollment and deprovisioning processes
• Authentication and administrative access controls
• Compliance and monitoring capabilities
• Integration with identity and security systems
• Incident response and device lifecycle management
• Alignment with recognised mobile management best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Mobile Device Management Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and policy review
• validation testing to assess control effectiveness

All activities are conducted in a controlled manner, aligned with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Mobile Device Management Security Assessment report
• Identified weaknesses with contextual risk explanation
• Practical recommendations to improve mobile governance and security
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved control, visibility, and security of mobile environments.

Important Notes

• This assessment focuses on management and governance controls rather than individual device vulnerabilities
• Findings reflect a point-in-time view of the MDM environment during the assessment period
• The assessment does not guarantee identification of all control weaknesses

Wi-Fi Security Assessment

Service Overview

The Wi-Fi Security Assessment evaluates the security posture of an organisation’s wireless network infrastructure and associated access controls.

The objective of this assessment is to identify vulnerabilities, misconfigurations, and weaknesses that could enable unauthorised access to internal networks or compromise the confidentiality and integrity of wireless communications.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Wireless network architecture and design
• Authentication and access control mechanisms
• Encryption and key management practices
• Segmentation between wireless and wired networks
• Guest network controls
• Rogue access point detection
• Wireless management interfaces
• Alignment with recognised wireless security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Wi-Fi Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and architectural review
• controlled testing to validate security controls

All activities are conducted in accordance with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Wi-Fi Security Assessment report
• Identified weaknesses with contextual risk explanation
• Prioritised recommendations to improve wireless security
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved protection of wireless access and network integrity.

Important Notes

• This assessment focuses on wireless infrastructure security rather than endpoint device security
• Findings reflect a point-in-time view of the wireless environment during the assessment period
• The assessment does not guarantee identification of all wireless security weaknesses

Bluetooth Security Assessment

Service Overview

The Bluetooth Security Assessment evaluates the security posture of Bluetooth-enabled devices and their associated communication mechanisms within an organisation’s environment.

The objective of this assessment is to identify vulnerabilities, misconfigurations, and weaknesses that could enable unauthorised access, data leakage, or compromise through Bluetooth communications.

Scope & Focus

The assessment may include, but is not limited to, the evaluation of:

• Bluetooth-enabled devices and peripherals
• Pairing and authentication mechanisms
• Encryption and communication security
• Device discoverability and visibility settings
• Firmware versions and patch levels
• Integration with enterprise security controls
• Exposure to known Bluetooth attack techniques
• Alignment with recognised Bluetooth security best practice

The specific scope is defined during formal engagement scoping and confirmed prior to commencement.

Engagement & Delivery

The Bluetooth Security Assessment is delivered under formal scoping and explicit authorisation and is managed through the Nanorisk Security Portal.

The assessment combines:

• configuration and device review
• controlled testing to assess communication security

All activities are conducted in accordance with agreed rules of engagement and designed to minimise operational impact.

Outputs & Reporting

Clients receive:

• A Bluetooth Security Assessment report
• Identified weaknesses with contextual risk explanation
• Practical recommendations to improve Bluetooth security
• Secure access to findings and engagement artefacts via the Nanorisk Security Portal

Findings support improved control and reduced risk associated with short-range wireless communications.

Important Notes

• This assessment focuses on Bluetooth communications rather than general wireless network security
• Findings reflect a point-in-time view of Bluetooth security during the assessment period
• The assessment does not guarantee identification of all Bluetooth-related weaknesses

Cookie Policy

This website uses a minimal number of cookies. We do not use analytics, tracking, or marketing cookies.

What cookies do we use?

The only cookies set on this website are by Google reCAPTCHA, which is used on our contact form to prevent spam submissions. These are classified as strictly necessary cookies required for the form to function securely.

reCAPTCHA Cookies

• _GRECAPTCHA — used by Google reCAPTCHA to provide spam protection on the contact form
• NID — a Google cookie used to remember preferences and provide functionality for reCAPTCHA

These cookies are set by Google. You can read Google's privacy policy at policies.google.com/privacy.

Local Storage

We do not store any personal data in your browser's local storage.

Third-Party Cookies

We do not use any third-party analytics, advertising, or social media tracking cookies.

Managing Cookies

You can control and delete cookies through your browser settings. Disabling cookies may affect the functionality of the contact form. For more information on managing cookies, visit allaboutcookies.org.

Contact

If you have questions about our use of cookies, please contact us at info@nanorisk.co.uk.

Last updated: March 2026