Services

Application Security Audit
Test of application for security issues. Can be done a two levels:

  • Application penetration testing (remote) - tests what outside resources can access and how the application might be used to gain unauthorized access.
  • Security audit (onsite) includes code and server review, as well as the application penetration test.

Vulnerability assessment
Test that looks for cyber security threats in any given system or network. Open source tools are used to find these security threats, and the results are verified to minimize false positives. The assessment criteria is comprehensive that provides reports with practical recommendations to remediate found security threats.

Enterprise security audit
Review of the policy and procedures of a site and verify that technical means are available to ensure policies are being followed.

Penetration testing
Tests networks or systems for security weaknesses and determines what risks are introduced by these weakness. The goal of this test is to determine how much information could be gathered by different type of advisories. This test is usually conducted with limited knowledge of the site as to test intrusion detection methods and incident response.

  • Perimeter test - verify the security of the perimeter of a given network; including DMZ and any visitor enclaves.
  • Internal test - Tests sites ability to detect activity from a trusted insider, or from an attacker that has gained access remotely and is not moving inside the network. While the price is the same as the external test, this test usually takes longer to emulate the patient nature of a insider threat