Compass Security Reviews is a professional consulting service that evaluates the security posture of systems, components, configurations, and code through manual, expert-led analysis. The service encompasses several distinct review types: **Concept & Architecture Reviews** Security analysts examine system designs and concepts to identify potential vulnerabilities and provide recommendations for aligning implementations with security best practices, without waiting for go-live. **Firewall Reviews** Assessment of firewall configurations to verify alignment with network zone concepts, effectiveness of network segregation, and correct rule implementation according to the least privilege principle. **Source Code Reviews** Manual, in-depth analysis of critical code components and security-relevant functions, targeting logical flaws that automated scanning tools are unable to detect. Full automated source code scanning is not offered. **Configuration Reviews** Evaluation of cloud infrastructure (Microsoft Azure, AWS, Google Cloud Platform), proxies, web application firewalls, spam filters, and other security components to identify default or insecure settings and recommend improvements. **Hardening Checks** Verification of Windows and Linux system builds against vulnerability indicators and security best practices. Coverage includes: - BIOS and disk encryption, physical security - Security policy and settings (GPOs) - Users, groups, and permissions - Network and firewall settings - Active Directory and single sign-on specifics - Software and services (AV, EPP, EDR, VPN, etc.) - Software restrictions (AppLocker, SELinux) - Data exfiltration measures (DLP) - CIS controls benchmarking