Architecture audit

Goals

  • Check the choice and positioning of software and hardware security devices
  • Study their compliance with security needs and state of the art
  • Qualify their technical efficiency and coverage
  • Check if they are used efficiently within the information system

Steps

  1. Documentation collection and analysis
    Ex: Network diagrams, Business flow matrix
  2. Interview with key collaborators
    Ex: Architecture manager, Network administrator, Security engineer
  3. Technical audit by sampling
    Ex: extract of filtering rules, network scan from one zone to another

Technical interviews allow employees to present specific points of the audited architecture.

Topics covered during interviews

  • Main concepts of the architectural scheme
  • Breakdown of security zones
  • Positioning of security equipment
  • Implementation of intrusion detection systems
  • Architecture resilience to attack
  • Legitimate remote administration
  • Management of non-encrypted flows
  • Zone or server pooling

Some examples of reported vulnerabilities

  • Backoffice administration flow available from the DMZ
  • Firewall bypass
  • Network short-circuits through pivot attacks
  • VLAN hopping
  • Exposure of unprotected vulnerable services
  • Use of unencrypted protocols
  • No outgoing traffic filtering
  • Tunnel-based exfiltration methods permitted
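
The sampling step can be illustrated by comparing an extract of filtering rules with the business flow matrix and reporting the kinds of findings listed above. This is an added example, not a tool from the original page; the zone names, port lists, matrix entries and rules are constructed assumptions.

```python
# Constructed sample data: zone names, ports and rules are assumptions.
ADMIN_PORTS = {22, 3389, 5900}
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 80: "HTTP"}

# Business flow matrix: approved (source zone, destination zone, protocol, port).
FLOW_MATRIX = {
    ("internet", "dmz", "tcp", 443),
    ("dmz", "backoffice", "tcp", 5432),
    ("admin", "backoffice", "tcp", 22),
}

# Sampled extract of filtering rules (constructed).
RULES = [
    {"id": 1, "src": "internet", "dst": "dmz", "proto": "tcp", "port": 443, "action": "allow"},
    {"id": 2, "src": "dmz", "dst": "backoffice", "proto": "tcp", "port": 5432, "action": "allow"},
    {"id": 3, "src": "dmz", "dst": "backoffice", "proto": "tcp", "port": 22, "action": "allow"},
    {"id": 4, "src": "backoffice", "dst": "internet", "proto": "any", "port": "any", "action": "allow"},
    {"id": 5, "src": "admin", "dst": "backoffice", "proto": "tcp", "port": 23, "action": "allow"},
    {"id": 6, "src": "internet", "dst": "backoffice", "proto": "any", "port": "any", "action": "deny"},
]


def audit_rule(rule):
    """Return the findings for one rule (empty for deny rules and approved flows)."""
    if rule["action"] != "allow":
        return []
    src, dst, proto, port = rule["src"], rule["dst"], rule["proto"], rule["port"]
    findings = []
    if (src, dst, proto, port) not in FLOW_MATRIX:
        findings.append("flow not in business flow matrix")
    if dst == "internet" and port == "any":
        findings.append("no outgoing traffic filtering")
    if src == "dmz" and dst == "backoffice" and (port == "any" or port in ADMIN_PORTS):
        findings.append("backoffice administration flow available from the DMZ")
    if port in CLEARTEXT_PORTS:
        findings.append(f"unencrypted protocol ({CLEARTEXT_PORTS[port]})")
    return findings


def audit(rules):
    """Map rule id to its findings, keeping only rules with at least one finding."""
    results = {rule["id"]: audit_rule(rule) for rule in rules}
    return {rule_id: found for rule_id, found in results.items() if found}


if __name__ == "__main__":
    for rule_id, found in audit(RULES).items():
        print(f"rule {rule_id}: " + "; ".join(found))
```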