As web infrastructure continues to develop, so do its vulnerabilities. Small oversights from architects, developers and managers can lead to large security and privacy issues. Security Compass provides the services you need to secure your web applications effectively, through services that include:

Threat Analysis

Threat analysis is a powerful tool to determine the unique threats that an application might face; it is a systemic method of finding security issues in an application by forcing developers to think like an attacker. Security Compass has performed numerous threat analysis engagements and we've developed a methodology that will help you identify your threats at a crucial stage - early in the design process.

Software Development Lifecycle Enhancement

True application security can only be achieved by building secure applications. Have you built security into your Software Development Life Cycle? Let our expert application security consultants work with you to developer more secure processes, procedures, and guidelines from requirements through to maintenance.

Application Code Review

Automated tools to review code for security defects are limited in functionality. Manual reviews identify issues that require a contextual knowledge of the code. Security Compass experts have performed reviews on millions of lines of code in critical applications for several companies in the most popular platforms, including .Net (C#, ASP, C, C++) and J2EE. Leverage our experience to help ensure you are developing secure applications.

Product Testing

Product reviews examine vendor applications using a black-box approach to find security vulnerabilities. Product reviews discover vulnerabilities before the product is shipped, thereby decreasing potential security updates, enhancing your organization's reputation amongst customers and creating a competitive advantage. Let us work with you to enhance the security of your shipped software.

Web Application Security Testing

Web application security reviews determine the security state of a web or eCommerce implementation, identifying potential weaknesses and recommending improvements. Using a combination of network and application level attacks, we perform black, grey or white box testing to determine the security posture of your web applications from the Internet, Intranet, or both.