|
Focus of this service is to identify
potential vulnerabilities residing on the corporate
network. This service gives client complete risk
exposure and countermeasure for securing their
assets.
Focus of this service is to scan
internal network by our professionals and identify
loopholes in the internal assets. These assets
can be attacked by internal staff and can be compromised.
In this service we build consolidated report on
all internal assets and their security.
Focus of this service is to
perform full blown penetration testing across
both external and internal networks. In this service
we identify vulnerabilities and exploit them as
well. We try to determine till what far we can
go with zero knowledge. The result of this testing
can be eye opening for various corporate.
Focus of this service is to review
various different components like Firewall, VPN
devices, Wireless networks, Routers, Virus scanners,
Patch management systems etc. If we identify any
loopholes into these components then we report
back to client. These components are very critical
for overall security posture of the corporate.
Focus of this service is to
study and review overall network architecture
and try to identify loopholes and come up with
possible threat model.
This service encompasses thorough
application assessment with zero knowledge. It
starts with application foot-printing and ends
with a list of vulnerabilities residing in your
application layer. Our report will cover our methodologies,
tools used, findings and remediation strategies.
It helps in securing the application by following
the remediation strategies. Follow up assessment
to verify the security posture will also be done
after the fixes are applied.
The objective is to determine
vulnerability in the application layer and to
follow up with exploits. This gives the actual
threat level and information exposure in your
application layer. Once again this service is
also with zero knowledge.
This service covers complete
application code scanning from security point
of view. The objective is to traverse through
the entire application code base and to identify
loopholes and possible security vulnerabilities.
The report will contain findings along with the
exact location of the issues for guidance to the
developers. The development team can then take
immediate action to rectify the issues. The code
quality will be compared with secure coding best
practices and the issues will be reported on this
basis.
In the early part of the development
lifecycle of an application it is possible to
do a thorough architecture review. It is ideal
to build a threat model at the architecture stage
and use it during the rest of the development
cycle. Such a model can provide guidance on various
security controls that need to be addressed by
developers to secure the application.
Application deployment environment
contains web servers, application servers, databases,
middleware etc. This service encompasses analysis
of the deployment environment and suggests various
different configurations to protect the application
infrastructure.
|
