Products Of Innovative New Technology

Premiere Application Security Advice

Detailed Vulnerability Analysis

Pentesting is designed to find a path to the valuable data inside your organization. It is important, but it's not the only thing. Vulnerability analysis is for finding all of the potential flaws in an application. In pentesting, the requirements are very specific, but the scope is very broad. In vulnerability analysis, the requirements are far broader, but the scope consists of one single application.

Extraordinary Security Training

Spending time educating developers about security is the single best way to build a bridge between development and infosec. POINT brings live, in-person training for both security awareness and secure coding to your facility. Security awareness training includes live looks and labs for attacking web applications. Securee coding can be customized to a number of platforms, and it is based on our Secure Coding Guide.

Practical Secure Coding

Audits and training will only get you so far. At some point, secure code has to be written, and a secure application development lifecycle is key to providing an environment for writing secure code. POINT has an established pattern to help your company create that environment for your developers, and will help you implement it.

POINT can help you set up your application security practice

Application Security is our core competency. We entely focus on the improvement of secure coding practices. Some of the projects we have completed recently include:

  • Setup of an application security process and training for 70 financial services developers.
  • Code review in C#, Java, Ruby, PHP, and Python.
  • Bug bounty results triage and oversight.
  • Development of specialty analysis tools in C# and Python.
  • Vulnerability analysis of Android and iPhone applications, including service tier and hosting servers.
  • Configuration scanning and testing of cloud platforms including Azure and AWS.
  • Curation of training and implementation of a Capture The Flag competition for a development staff.
  • Integration of vendor products such as Fortify and Veracode into the SDLC.
  • Comprehensive vulnerability analysis of all types of applications, on all platforms, with complete reporting.

Contact POINT now to discuss your specific needs.