Security Assessment Services

Small Business Evaluation

According to an article in Business Week, "Stamford (Conn.)-based research firm Gartner estimates that about 25% of all small businesses suffered a hacker attack in 2008, up from about 10% in 2003."

Penetration Testing

Both manual and automated penetration testing can be performed on your internally- or externally-facing web-applications. Using tools such as Nessus, Nikto, Wikto, and IBM AppScan can be combined with manual penetration testing techniques to assess the overall security of an application.

All findings are screened and validated and presented in a final report that includes recommendations on how to remediate the identified vulnerabilities. An free "re-scan" can be used to ensure that identified vulnerabilites have been fixed.

Design Review

In a design review, the actual application design and implementation would be examined for security flaws. Design documentation, architecture diagrams, and knowledge of the environment and the typical usage of the application is analyzed for potential defects.

Code Review

Code reviews are conducted using both automated tools (including Yasca) and manual techniques to ensure that all vulnerabilities are detected. Source code can be written in C/C++, Java, .NET, or PHP and can range from a few thousand lines to many hundreds of thousands.

For More Information...

To learn more or to request a quote, please use the comment form or e-mail me directly.