Assessment services & pentesting
We have a team of ethical hackers that are able to identify vulnerabilities in any application. We have everything in place to:
- Execute penetration tests of external and internal web applications,
- Assess the security of mobile apps,
- Scan your (wireless) network infrastructure,
- Investigate known or suspected security breaches,
- Assist you in the development of cryptographic operations,
- Reverse engineer software, etc.
Orange Cyberdefense has developed a specific methodology to perform security assessments in a uniform and consistent way. Our methodology is a combination of our know-how obtained by executing security tests for various types of organizations and is based on open standards including the Open Web Application Security Project, the Open Source Security Testing Methodology Manual and the ISO/IEC 27000 series.
Every organization is a potential target for malicious hackers. Through penetration testing we have one of ethical hackers assess your environment. We will use the same tools and techniques as a hacker with malintent would use with the goal to single out weaknesses in your application and/or security and suggestions to improve upon them.
- Guaranteed high quality thanks to our CEH-certified hackers
- A clear view on the vulnerabilities in your security
- With no direct harm for your data
Mobile app security
Mobile is booming, and that’s a good thing! With multiple operating systems and tens of thousands of devices on the market, how can you ensure your app is secure for all your users on the mobile devices they use. The quality of your mobile application, its usability, bug-free functioning, compatibility across iOS, Android and Windows Phone devices plays a vital role in the success of your mobile app in particular, and your business as a whole.
As an organization having a mobile application, exposes you to a whole new variety of risks:
- There is no network perimeter
- Mobile apps are distributed
- Mobile apps collect rich data
- Mobile devices are lost or stolen frequently
- You can’t fully control distribution
- Mobile apps can contain sensitive intellectual property
- Many traditional security controls don’t work
Our security experts have selected multiple security tools that fit our methodology to capture those vulnerabilities accurately and efficiently. In addition, our in-depth manual tests consider every aspect of mobile security, including how components are used and how applications/systems talk to each other.
Through a thorough security assessment we analyse your current infrastructure and write up a report with recommendations following different approaches.
- An extensive report regarding the status of your security infrastructure and concrete recommendations
- The best starting point to improve the security of your environment
To tackle security implications as soon as possible in the development process, our security experts can do code reviews of your application before it goes live. By doing this we are able to help you identify and fix these issues without impacting the application while it is in production.
- Less effort required: The effort to fix the vulnerabilities in the earlier stage of development is substantially lower.
- Lower overal cost: Cost is directly proportional to effort required. Not only development cost, but also, a vulnerability identified in the production environment may involve more costs.
- Compliance: Some compliance, such as PCI, makes it necessary to do a secure code review before launching the product.
- Reputation: Secure code review removes most of the security flaws in the earlier phase, so there is a lower chance of the product being compromised, resulting in a lower chance of reputation damage.