Navigation
Security testing
The operation of systems accessible from the Internet means that the operator or developer has a continuous risk of penetration into these systems. Due to the current requirements for the dynamics and agility of the development of information systems, there is a need for continuous monitoring and evaluation of the threats and vulnerabilities of these information systems.
We provide a continual, methodical and forensic support service. Testing the security of your Internet applications and systems through one-time complex in-depth tests or periodic vulnerability tests. Ad-hoc security analysis, penetration testing, and regular scanning of systems or running applications in the context of current system vulnerabilities.
All operations are carried out under the supervision of our specialists and in accordance with the security needs of your IS. For evaluation, we use Nessus, Owasp, Burp Suite, or manual method based on log file analysis.
Evaluation tools comparison
| PROPERTIES | BURP | NESSUS | OWSAP | MANUAL |
|---|---|---|---|---|
| System vulnerabilities (OS, libraries) |
 |
 |
|
|
| Filter layer vulnerabilities (firewall, proxy) |
|
|
|
|
| DB application vulnerabilities (sql inject, sql excalation, sql leakage) |
|
|
|
|
| Front-end vulnerabilities (www, xss, http injection, syn flood, slow loris) |
|
|
|
|
| Application vulnerabilities (ftp, smtp, imap, rpc, rds, vnc) |
|
|
|
|
| Transport layer vulnerabilities (ipsec, ssl, tls, open vpn) |
|
|
|
|
| Authorization vulnerabilities (brute force, session stealing) |
|
|
|
|
| Authentication vulnerabilities (acl escalation) |
|
|
|
|
| Key and password management vulnerabilities (hascat, rainbow tables) |
|
|
|
|
| Custom application tests | |
|
|
|
Used HW equipment
Prague (Casablanca)
Brno (T-Mobile)
For more information contact us right away using the contact form below.
CONTACT FORM