Assessment

VA

Network

  1. Designing a robust and flexible security architecture will benefit many areas of your business. Our trained experts will take you through the process step by step to review that your security is sound, and your risks are mitigated.
  2. Your business deserves a well-designed security architecture that will satisfy risk, compliance and operational requirements. SATTRIX’s experienced consultants you can trust with for the design comprehensive security architectures all the time.
  3. SATTRIX helps its customers to implement security processes and services. Part of our implementation process includes validating the risk levels, security policies and architecture standards we recommend. After validation, our trained consultants show you how to manage and monitor your information security architecture for optimum protection and performance.

WiFi

  1. SATTRIX provides extensive WLAN Auditing and Consultation services to help assess the security posture of your WLAN and to configure it to the maximum level of security. Sattrix security consultants works with client to define scope of work, identify all available wireless access points, make inventory, scan wireless network for weakness and exploit identified vulnerabilities in wireless network. An overall assessment of wireless infrastructure is performed to understand exposure of company to wireless network attacks. Based on assessment recommendations are made to secure wireless network.

Systems & Infrastructure

  1. Infrastructure Vulnerability management is an on-going process that helps preventing unauthorized access of your valuable data, customer information, critical network assets and intellectual property from your network infrastructure. With the rapid increase of IP usage, networks become businesses’ vital infrastructure that would greatly affect operations.
  2. SATTRIX Infrastructure assessment approach is designed in a way to cover all aspects of security including People, Processes and Technology. SATTRIX possess possibly the widest array of technical expertise to secure the customer’s infrastructure.

PT

  1. Types of Penetration Tests:
  2. White box – the testers are given full information regarding the target system or application. This approach simulates a completed reconnaisance phase, allowing the testr to look for attack vector much more efficiently.
  3. Black box – the pen testers go in bliend with virtually no information about the system, it’s very accurate in pinpointing those gaps in security processes that can be exploited by an attacker to gain foothold.
  4. Grey box – it falls in between full disclosure and zero-knowledge, it’s effective in mimicking the kind of knowlege that threat actors may have by researching, foot-printing and accessing a system.
  5. Picking the right pen testing methodology for your business isn’t as straightforward as just picking a color. Align the right pen test type to your organization goals to guide remediation and repair weaknesses is essential.

Web App. Audit

  1. Vulnerable web-facing applications are rapidly becoming the most popular attack vector of malicious hackers. Application code vulnerabilities and design flaws in content-rich, web-based, thick-client, and mobile apps can be targeted to penetrate networks and steal sensitive information. To mitigate these threats, application security assessments must be built into the development and release lifecycle.
  2. Sattrix’s application security assessments identify weaknesses in your proprietary or third-party applications and propose fixes that will enhance your system’s security posture. By combining the use of leading tools with targeted, expert manual analysis of your application, we diagnose threat susceptibility and provide you with repeatable, measurable, transparent, and actionable results

Code Review

  1. Software
    1. The basis of all IT systems and applications is source code. Even if a particular system or application is working well from the point of view of functionality, it may still contain serious security weaknesses. If the conditions in which the system or application are used are such that a weakness can be exploited, it gives rise to a vulnerability. If attackers become aware of such a vulnerability, they may exploit it to attack the system or application or gain access to networks and systems that are connected.
    2. Finding and remediating software vulnerabilities and weaknesses is a major step towards improving the security posture of your systems and applications, and your IT infrastructure in general. UL will first examine the system or application, its context, and potential threats, followed by scoping based on a threat model. The central part of the code review is the actual examination of the source code. This step is followed by reporting and advice to conclude the code review.
  2. Mobile App
    1. Rapid growth of client–server applications developed for mobile platforms is transforming the way businesses and their customers interact with one another. But as the development of these applications is typically driven by functionality, user-friendly design, and corporate branding, security is often overlooked. Even when security is considered, a mobile application is still likely to contain vulnerabilities—and every update creates the opportunity for new vulnerabilities to be introduced.
    2. The risks to organizations are enormous as breaches have the potential to cause significant financial losses and damage to corporate reputation. Particular industries, such as financial services, are under increased pressure since mobile e-banking applications must comply with strict industry regulations.
    3. Mobile application security tests conducted by the experts at Sattrix provide you with an independent assessment of the level of security of your mobile applications. Our experts have extensive experience in mobile application security and experience over the globe in protecting networks of leading banks, global telecommunications providers, and industrial conglomerates.
  3. APIs
    1. Application programming interfaces (APIs) continue to play a fundamental role in our digitally-connected world. As architectural building blocks, APIs allow applications to integrate, extend services, and share data with other applications. This ability to provide fast and easy integration has led to a tremendous surge in API usage over the last several years. The flip side of fast and easy integration, however, is the increased exposure to authentication, session management, and authorization vulnerabilities stemming from a growing list of interconnected systems and applications. This is driving organizations to seek stronger assurances around their API security to feel confident that quick and easy integration does not come at the expense of increased risk.
    2. Sattrix’s API Security Assessment can help address this growing risk and provide the assurance organizations need around their burgeoning API environments. With a methodology that combines proven application testing and a thorough analysis of your environment, our application security experts will ensure your APIs are secured in accordance with the latest API security best practices. To that end, we carefully analyse the configuration of your environment’s authentication, authorization, logging and monitoring controls to ensure allexploitable vulnerabilities are detected so they can be effectively remediated. Only a thorough review can provide the assurance you need, and Sattrix is there to help.