left banner

Professional Security Services (PSS)

We are having team of professionals which can provide various different professional security services. They are as follows.

Vulnerability Assessment - Focus of this service is to identify potential vulnerabilities residing on the corporate network. This service gives client complete risk exposure and countermeasure for securing their assets.

Internal Network Assessment - Focus of this service is to scan internal network by our professionals and identify loopholes in the internal assets. These assets can be attacked by internal staff and can be compromised. In this service we build consolidated report on all internal assets and their security.

Attack and Penetration testing - Focus of this service is to perform full blown penetration testing across both external and internal networks. In this service we identify vulnerabilities and exploit them as well. We try to determine till what far we can go with zero knowledge. The result of this testing can be eye opening for various corporate.

Component review - Focus of this service is to review various different components like Firewall, VPN devices, Wireless networks, Routers, Virus scanners, Patch management systems etc. If we identify any loopholes into these components then we report back to client. These components are very critical for overall security posture of the corporate.

Network Architecture review - Focus of this service is to study and review overall network architecture and try to identify loopholes and come up with possible threat model.

Application assessment and audit - This service encompasses thorough application assessment with zero knowledge. It starts with application foot-printing and ends with a list of vulnerabilities residing in your application layer. Our report will cover our methodologies, tools used, findings and remediation strategies. It helps in securing the application by following the remediation strategies. Follow up assessment to verify the security posture will also be done after the fixes are applied.

Application pen-testing - The objective is to determine vulnerability in the application layer and to follow up with exploits. This gives the actual threat level and information exposure in your application layer. Once again this service is also with zero knowledge.

Application code review - This service covers complete application code scanning from security point of view. The objective is to traverse through the entire application code base and to identify loopholes and possible security vulnerabilities. The report will contain findings along with the exact location of the issues for guidance to the developers. The development team can then take immediate action to rectify the issues. The code quality will be compared with secure coding best practices and the issues will be reported on this basis.

Application architecture review and threat modeling - In the early part of the development lifecycle of an application it is possible to do a thorough architecture review. It is ideal to build a threat model at the architecture stage and use it during the rest of the development cycle. Such a model can provide guidance on various security controls that need to be addressed by developers to secure the application.

Application deployment assessment - Application deployment environment contains web servers, application servers, databases, middleware etc. This service encompasses analysis of the deployment environment and suggests various different configurations to protect the application infrastructure.