Security Test Center
Every change to an application can lead to new security vulnerabilities. Web and mobile applications that are often developed in an agile approach are particularly at risk.
Manual security assessments (e.g. code reviews or pentests) are vital but not by no means enough to compensate that risk. For this we need automated security assessments on code and application level that can be executed with periodically, daily, with every change or commit:
- With Web security scanner (“DAST tools”) we can periodically scan your website from remote and identify many critical vulnerabilities.
- With static security code scanner (“SAST tools”) we can automatically analyze large code repositories (either source code, byte code or binary code) and identify security related programming errors and flaws.
We are working closely with leading enterprise tool vendors to provide you the best security assessment possible. We not only offer one-time but also periodic scans (e.g. every week/month or with every new release).
You will get the following advanced by using the scanning services provided by our security test center:
- The use of the best tools available (licensed by our technology partners)
- Combination with of results of other assessments
- Professional configuration and fine tuning
- Review of all results (no false positives!)
- Individual rating, reporting and presentation.
- Remediation support and verification
- No expensive tool licenses or installations
The best possible assessment result is always based on the combination of different analysis techniques, such as pentests, code review, architectural risk assessments and/or threat modelling. By using tool-based assessments, we can minimize the required effort to execute such time- and resource-consuming assessments and make them much more efficient too.