Endpoint security assessment evaluates the defences on workstations, laptops, and servers โ the systems where users work and where initial compromise often occurs. Testing covers: endpoint detection and response (EDR) effectiveness (can the EDR detect and block common attack techniques?), patch management (are operating systems and applications current?), configuration hardening (local admin rights, PowerShell execution policy, USB device controls), encryption (full-disk encryption on laptops), application control (are unauthorised applications blocked?), and browser security (extensions, content settings). Testing typically uses the same techniques real attackers use โ malware simulation, credential harvesting, privilege escalation โ to evaluate whether endpoint controls detect and prevent them.
Technical2027-06-19
Endpoint Security Assessment: Testing Workstation and Server Defences
Endpoints are where users work and where attacks land. Assessing EDR, patching, configuration, and local security controls.