Dracosplace Security Consulting Services:
- Penetration Testing/Real Security Analysis
- Security Code Audit/Review
- Web Application Security Testing
- PCI Assement and Quarterly Audits
- Weekly Security scans
Penetration Testing/Real Security Analysis
At Dracosplace Security we pride our selves as security engineers. When we take on a penetration testing contract you have a skilled security engineer performing the audit. We do deploy automated scans for vulnerabilities and configuration issues, but it takes a trained engineer to not only read through the results of those automated scans, but also to perform more detailed/focused attacks at a customers application.
An automated scan can be programmed to check for the most common vulnerabilites and does a good job of finding those. When logic or unknown exploits comes in to play unfortunately those types of applications don't get very far, but that is where Dracosplace Security comes in to add the extra value and complete the full cycle of a security audit. In the Real Security Analysis we take the Web application Security testing the next step. We don't audit to show an issue, we audit to exploit as far into the site,server,and network as possible to show the potential impact of such an issue.
Security Code Review
Penetration testing is a great way to identify issues that are exposed to a hacker. Security code audits are the next step in securing your application from hackers. By allowing us to review your code we are able to identify issues that aren't identifiable from an external audit, but that could lead to future breaches in security. Often times we prefer to do the security code review and penetration testing in parallel so that we are able to accurately asses our findings in the code and display the potential risks that it has.
Web Application Security Testing
With the creation of dynamic and database driven sights the increase in vulnerabilites has risen greatly as well as the number of different types of security holes. We help to audit you web application and protect it from SQL Injection holes as well as Cross Site Scripting vulnerabilites and the likes.
It only takes one piece of unfiltered user input to expose a hole in your application and ones a hacker is in the door it is surprising how far they can go.
PCI Assement and Quarterly Audits
Anyone maintaing and processing credit card information these days is required to be PCI Compliant. Dracosplace Security can assist your company with the PCI Self assesment questionaire as well as the quarterly audits to meet PCI Compliance levels. We will work with you after an audit to make sure that your stie and configuration meets the required standards.
Weekly Security scans
Dracosplace Security provides weekly scans to customers that audit for all the known web application exploits and server misconfiguration. The service continually updates its list of audits to keep up with the latest vulnerabilites and security trends to stay ahead of the hackers. Dracosplace Security will help your company verify findings and dig into issues that need to be resolved and secured.