- Penetration Testing
- Security Audit
- Social Engineering Security Assessment
- Mobile Software Application Security Audit
- Web Application Security Audit
- Digital Forensics
- Co-managed SIEM And Security Monitoring
1. Information Gathering
A detailed reconnaissance about the applications are performed:-
- Improper system configuration
- Hardware / software flaws
- Operational weaknesses (usually introduced accidentally in complex systems)
- Technical countermeasures producing unintended responses
- Other technology-based issues
2.PLANNING AND ANALYSIS
Based on the information collected we devise a full scale “Red Team” approach to mimic real time attacks.
We will run vulnerability scanners to look for possible vulnerabilities and common vulnerabilities related to the platform, APIs, technology framework etc.
Different exploits are executed on the application to evaluate its security. We have custom scripts, open source exploits and in-house tools to achieve high degree of penetration.
We generate concise and succinct reports of the vulnerabilities discovered along with discussion on the nature of vulnerability, its impact, threat level and recommendation to remove the vulnerability.
Our technical experts discuss the report, along with the bugs found, and their impact scenario with the development team of the client. Comprehensive discussions are carried out on how to remove the vulnerabilities and harden the application.