Our Security Audits are based on industry-accepted standards such as, CoBIT, and legal requirements specific to the industry and country. The auditing approach is designed to cover all aspects of security including People, Processes and Technology. Our consultants are certified as CISSP, CISA, ISO 27001, and GCIA. More importantly, they possess possibly the widest array of technical expertise (see 'Technical Expertise').
Previous clients for whom we've conducted security audits include Northwestern Mutual, Western Railways, Prudential ICICI, CapGemini, Reliance Asset Management and others. See our complete client list.
Previous experience in this segment includes application security assessments for CRM and ERP software of large manufacturing and financial firms, e-commerce applications for some of the largest online stores, and client-based encryption software among others. Our skills in this area are demonstrated by the bugs we find in mission critical software from vendors such as Microsoft, Oracle, Macromedia and Nortel. Read our list of advisories here.
Industry Expertise We have conducted security audits for a wide variety of industries including the following:
- Banking and Financial Institutions
- Information and Communications Technology (ICT)
- Hospitals & Healthcare (HIPAA)
- BPO, Call Centers, and ITeS
- Media & Marketing
- Stock Exchanges & Stock Brokers
|Operating Systems||Windows NT, 2000, 2003, Linux, Sun Solaris,HP-UX, IBM AIX, Open VMS, Novell Netware, IBM OS/2|
|Databases||Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, Sybase|
|Firewalls||Cisco PIX/ASA, Checkpoint, Netscreen, Watchguard, Sonicwall, Fortigate, Web Application Firewalls|
|Intrusion Detection Systems||ISS RealSecure, Cisco Secure, Dragon IDS, Fortinet, Snort|
|Network elements||Routers, Switches, Load Balancers, Layer 7 Switches|
|Code Reviews||C/C++, Visual C++, Java, PHP, ASP, ASP.NET, Perl|
|Web Servers||IIS, Apache, Tomcat, Netscape Enterprise|
|Messaging Servers||Microsoft Exchange, Sendmail, Qmail, Lotus Domino|
|Others||SAP, Active Directory, ISA Proxy, Squid Proxy|