Vulnerability
Assessment
Focus of this service is to
identify potential vulnerabilities residing
on the corporate network. This service gives
client complete risk exposure and countermeasure
for securing their assets.
Internal
Network Assessment
Focus of this service is to
scan internal network by our professionals and
identify loopholes in the internal assets. These
assets can be attacked by internal staff and
can be compromised. In this service we build
consolidated report on all internal assets and
their security.
Attack
and Penetration testing
Focus of this service is to
perform full blown penetration testing across
both external and internal networks. In this
service we identify vulnerabilities and exploit
them as well. We try to determine till what
far we can go with zero knowledge. The result
of this testing can be eye opening for various
corporate.
Component
review
Focus of this service is to
review various different components like Firewall,
VPN devices, Wireless networks, Routers, Virus
scanners, Patch management systems etc. If we
identify any loopholes into these components
then we report back to client. These components
are very critical for overall security posture
of the corporate.
Network
Architecture review
Focus of this service is to
study and review overall network architecture
and try to identify loopholes and come up with
possible threat model.
Application
assessment and audit
This service encompasses thorough
application assessment with zero knowledge.
It starts with application foot-printing and
ends with a list of vulnerabilities residing
in your application layer. Our report will cover
our methodologies, tools used, findings and
remediation strategies. It helps in securing
the application by following the remediation
strategies. Follow up assessment to verify the
security posture will also be done after the
fixes are applied.
Application
pen-testing
The objective is to determine
vulnerability in the application layer and to
follow up with exploits. This gives the actual
threat level and information exposure in your
application layer. Once again this service is
also with zero knowledge.
Application
code review
This service covers complete
application code scanning from security point
of view. The objective is to traverse through
the entire application code base and to identify
loopholes and possible security vulnerabilities.
The report will contain findings along with
the exact location of the issues for guidance
to the developers. The development team can
then take immediate action to rectify the issues.
The code quality will be compared with secure
coding best practices and the issues will be
reported on this basis.
Application
architecture review and threat modeling
In the early part of the development
lifecycle of an application it is possible to
do a thorough architecture review. It is ideal
to build a threat model at the architecture
stage and use it during the rest of the development
cycle. Such a model can provide guidance on
various security controls that need to be addressed
by developers to secure the application.
Application
deployment assessment
Application deployment environment
contains web servers, application servers, databases,
middleware etc. This service encompasses analysis
of the deployment environment and suggests various
different configurations to protect the application
infrastructure.
