Network and Source Code Security Audit

We offer live network and source code (e.g. web pages) audit. We also do an automated audit of network services.

Security will be evaluated by our very senior experts with certifications on security, software development, and databases. The weak areas will be pinpointed afterwards. The audit is concluded with final report with recommendations.

Various kinds of security audit performed by our staff are:

Every cooperation starts by signing a Non-disclosure Agreement (we guarantee that we won't misuse the information learned from audit), and a Purchase Order (including a statement of ownership or other kind of legal control over the target of audit).

Service: Network Audit

The network audit includes: network scanning, mapping the network topology, OS versions at network nodes, application version scanning, switch and router configuration check.

The price of the Network Audit depends on size of the network. Generally the price consists of three components: initial scan (5.000 Sk), live audit (hourly price), final report (5.000 Sk).

If you wish to order this service, or if you have any questions, contact us please.

Service: Server Audit

An in-depth server security audit - memory, application, file system, backup, and other analysis. First, the automated scan detects versions of the software, filesystem permissions, and other parameters of the system. Its outputs include the list of automatically detected vulnerabilities, as well as the data needed for the live audit. Afterwards, the system is checked by a security professional.

The price consists of three components: initial scan (5.000 Sk), live audit (hourly price, about 6 hours per server), final report (5.000 Sk).

If you wish to order this service, or if you have any questions, contact us please.

Service: Source Code Audit

Audit helps to harden the software developed by you or your suppliers. We are able to audit the source code in many languages on all common operating systems, including ASP, Bash, C, C++, Objective C, Perl, PHP, Python, VisualBasic.

The price consists of three parts: initial scan (5.000 Sk), live audit (starting at 0,60 Sk / line), final report (5.000 Sk).

If you wish to order this service, or if you have any questions, contact us please.

Service: Compiled Code / Black Box Audit

We use the black box method - entering "incorrect inputs" to check whether the application can handle the typical blind attacks.

If you are not sure about hidden features of the software, we optionally offer the analysis of the supplied binary application code by various methods.

The price depends on the situation and kind of work requested.

If you wish to order this service, or if you have any questions, contact us please.

Service: Forensic Analysis

If you have suspicion of break-in attempt, we can offer you "first aid" in form of fast analysis of the attack vector and the scope of the break-in.

When hacked, act calmly:

  • keep the server running! don't turn it off.
  • if you have a RAID 1 (mirror), disconnect one disk and keep it separately. If you have any other RAID level or if unsure, do nothing.
  • don't use the server (don't write to disks, don't create new files, etc.), to prevent data loss
  • you can disconnect the machine from the Internet, but this is not necessary.
  • order the analysis and await our technician.

The service is paid on hourly basis, depending on particular situation. It doesn't include system re-installation, nor bug fixing. This can be ordered based on the price estimate coming from the results of the analysis.

If you wish to order this service, or if you have any questions, contact us please.

Home