We conduct assessments for Web Applications or Networks whether internal and external using an array of scanners and tools. All of the results are imported into our BI tool which allows for designation appropriate reporting from CEO to Developer.

Our reporting covers everything from Executive Summaries to Remediation.

We believe that once all vulnerabilities have been addressed that it is then worth engaging the services of our highly skilled senior analysts who will perform manual penetration tests and provide reporting and remediation.

We provide tools that can scan your uncompiled source code for vulnerabilities, identify them and show your developers where and how to resolve these issues.

Our tools are fully capable of identifying vulnerabilities and loopholes that are officially documented or enforced by OWASP Top-10, SANS 25, PCI DSS, HIPAA, MISRA, Mitre CWE, FISMA and BSIMM. With the help of our unique open query language, you can easily create your own security policy consisting of the vulnerabilities most important to your organisation.

We offer practical security focused network and infrastructure design. We offer vendor agnostic solutions and can assist with the design and implementation of you secure internal or external network.

We offer compliance assessment and reporting using the following industry specific compliance standards

• CIS – Centre for Internet Security
• DISA – Defense Information Systems Agency
• HIPPA – Health Insurance Portability and Accountability Act
• PCI – Payment Card Industry
• TNS – Transaction Network Services
• CWE – Common Weakness Enumeration
• NIST – National Institute of Standards and Technology
• ISO 27001 – Information Security Management System (ISMS)
• OWASP – Open Web Application Security Project
• SOX – Sarbanes-Oxley Act
• STIG DISA – Security Technical Implementation Guide Defense Information Systems Agency
• WASC – Web Application Security Consortium