Software Auditing

Security professionals leading the way.

Auditing Overview

Our software auditing service is designed to identify both real and theoretical security vulnerabilities in a wide range of software. From simple help desks to eCommerce platforms all the way up to complicated control panels and CRM's, we have the expertize and the knowledge to find security vulnerabilities in your software. Some of the security vulnerabilities that we look for include:

  • Privilege Escalations
  • XSS & CSRF
  • Local & Remote File Inclusions
  • Insecure Permissions
  • Race Conditions
  • SQL Injections
  • Input Validation Failures
  • ACL Failures
  • Symlink & Hardlink Attacks
  • Denial of Service
  • Cookie Mishandling & Poisoning
  • Content Disclosure

In addition to testing for the common security vulnerabilities listed above, we have developed our own exploit techniques based on our countless hours of security research to ensure that every scenario and every attack vector is thoroughly explored. When it comes to finding security vulnerabilities, we always think outside of the box!

Auditing Benefits

Increased Confidence

Your clients will trust your software, while others are compromised.

Less Liability

Save yourself from a lawsuit if client data were to be compromised.

Increased Sales

When the word gets out that your product is secure, expect increased sales.

Less Embarrassment

Being hacked is a PR nightmare! Minimize the risk with an audit.

Increased Compliance

PCI-DSS, HIPAA, SOX and other regulations require routine auditing.

Less Downtime

Think of the money lost for downtime while investigating a compromise.

Auditing Process

When we perform a software security audit, the very first thing we do is familiarize ourselves with your software and then prepare an extremely detailed checklist of every feature that needs to be looked at. The checklist is kind of like a flow chart and it shows what vulnerabilities were tested for each feature. Proper planning is the foundation to always performing a consistent in-depth audit!

Once the audit is underway, we make note of any security vulnerabilities found along with the associated proof of concept, severity rating and a brief discussion of each to help you understand the impact. In addition to looking for security vulnerabilities, we usually encounter random bugs and errors that also get written down to help aid you in making your software an overall better experience for users.

After the audit has been performed, we take all of our notes to compose a detailed audit report in PDF format. Within the audit report is the checklist so that you can see what we tested, any security vulnerabilities found and the steps necessary to re-create them and suggestions that should be implemented.