Penetration Testing and Code Reviews
Our Targeted Framework Assessment (”TFA”) strategy uses ethical attack methodologies. We employ Crest certified security professionals with front line cyber-defence experience in media & entertainment, military and banking.
Our penetration testers are very familiar with the TPN security assessment program for the Media and Entertainment sector. Through a targeted attack simulation, our team is able to take your business safely through real-world attack scenarios, allowing you to find and fix vulnerabilities before attackers can exploit them. All of our penetration testing is performed using an established, standard methodology allowing our clients to demonstrate controlled improvement between test cycles. We analyse the data to determine if your system is vulnerable to internal or external attack.
The MPA/TPN Best Practice guidelines advise external infrastructure and web application pen testing by a third party annually and also monthly vulnerability scanning. As we conduct an initial vulnerability scan as part of the pen test, the option is to have 11 subsequent monthly scans from the second month until the end of the 12-month period.
Code Reviews – We provide code review services to assess the source code of web applications as part of an overall security assessment. Our code professionals will assess the quality of the source code to identify vulnerabilities in libraries that may of exist, especially weaknesses in the integration between the code base and libraries and this is supported by a detailed report showing the findings with guidance on remediation.