Security Testing/Penetration Testing of Web Applications/Web Services and APIs

We provide web application/service/API penetration testing services that are based on the OWASP ASVS standard. If a client requests it, smaller evaluations that cover only specific functionality in their application can also be done.

Prior to testing, the details of the security testing will be discussed: the scope, exact methodology, rules of engagement, goals, conditions, time and price.

During the testing, attacks simulating real-world actions of malicious actors will be carried out. If the client wishes to test their security monitoring, different levels of adversaries can be simulated, depending on how stealthy or “loud” you want us to be.

As a result of the testing, a thorough report will be compiled and presented. It includes detailed information about the coverage of the testing performed, vulnerabilities found and information/guidance on remediation.

We also perform infrastructure/network pen testing to verify the security of your IT infrastructure setup/environment.

Automated External Vulnerability Scanning

Websites built using well-known content management systems (CMS) like WordPress, Drupal, etc. often get left unattended for longer periods of time, and/or there are reasons why automatic updates cannot be enabled. This can leave them vulnerable to cyber attacks.

To give you peace of mind and a regular review of the state of security on your website, we provide automated external vulnerability scanning services that scan websites and their plugins for known vulnerabilities.

We can also provide regular automated DAST scanning of custom-built APIs and websites.

Cyber Security Awareness Training

As the weakest link in cyber security tends to be employees, raising employee security awareness is a must. We provide cybersecurity awareness/cyber hygiene training custom-tailored to your specific needs, or our general cyber hygiene course called “What could possibly go wrong”.

“What could possibly go wrong”

This is a cyber hygiene course that is mainly oriented at detecting phishing attempts and at what the outcome can be when you open a malicious attachment.

During the course, an overview will be given of widely used phishing techniques, and different examples of targeted phishing e-mails will be shown. An overview is also given of some of the things to look for in order to detect phishing e-mails.

A live demo is performed of what the outcome can be when you click on a phishing link or open an attachment in a phishing e-mail.

Phishing Testing

If you want to test your employees' ability to detect/distinguish targeted phishing e-mails, we can provide a targeted phishing test. In cooperation with the client, we craft different phishing scenarios and then perform a phishing campaign to test the security awareness/phishing detection ability of the client's employees.

Security Consulting

Whether you need help analyzing vulnerabilities/security issues, implementing/designing cyber security products/solutions/policies, etc., or just have security assessment/compliance related questions, our specialists can advise you on a wide range of topics.