Security audits

IT is a vital part of most companies, and information should be protected accordingly. To understand the risks and potential vulnerabilities of IT systems, we provide comprehensive security audits, from small applications to large enterprise systems.

We offer these standard security audits:

Infrastructure penetration testing

Penetration tests allow us to thoroughly audit the security of an organization's information infrastructure. Your organization can save significant amounts of money by revealing security vulnerabilities and issues early and fixing them before an attacker can abuse them.

By performing penetration tests, we verify security vulnerabilities in a controlled environment and identify issues that can affect the functioning of IT infrastructure, critical applications and other technologies. We uncover weak spots in the security infrastructure, find potential problems and help build a secure IT environment based on the customer's priorities.

Automated security audit of application

An automated security audit of a web application is performed by penetration testing tools that are configured and run against the target application. Our security experts evaluate the output and communicate recommendations for fixing potential issues.

We recommend automated auditing as part of the testing process for custom applications or on a regular (for example monthly) basis.

Automated tests cannot reveal all vulnerabilities, but they can uncover the most dangerous and most easily found vulnerabilities in web applications.

Comprehensive security audit using OWASP Testing Guide

The most comprehensive and complex security audit of a web application is our audit based on the OWASP Testing Guide. The audit covers all kinds of security problems in web applications. The result of our audit is the identification of all security vulnerabilities.

Active tests that an auditor has to perform while auditing are split into ten categories:

  • Information Gathering
  • Configuration Management Testing
  • Authentication Testing
  • Session Management Testing
  • Authorization Testing
  • Business Logic Testing
  • Data Validation Testing
  • Testing for Denial of Service
  • Web Services Testing
  • AJAX Testing