Services for other companies
Security Explorations provides various services in the area of software security.
We specialize in conducting comprehensive analysis of software for the purpose of discovering various security defects in its design, architecture and implementation. This refers to software available either in a source code or a binary form.
The experience gained throughout the last twenty years of work usually allows us to accept even the most complex challenges pertaining to security evaluation of software.
We start every security evaluation work by knowing as much as possible about a target of our assignment. We believe that it's the only way to the successful and accurate security evaluation task of any product.
Knowledge about the internals of a target product's design and operation triggers our creativity - we start generating potential "what could gone wrong?" / attack scenarios. We verify each scenario, modify it if needed and iterate over each of them again and again until our creativity dies. During this process we usually learn new things about the target, which results in new attack scenarios and development of proof of concept codes.
All successful attack scenarios and weaknesses found are documented in detail and included in a final report delivered to the customer.
We offer the following generic services to our customers:
software security evaluation
This service is ideal for customers who are in the need of a comprehensive software security review of their products or solutions.
During the work conducted as part of the service, we analyze the source code and documentation of a customer's software in a search for security defects in its design and implementation.
Single software security evaluation project requires usually 3 months of work, but the actual timing is dependent on the source code size of a target product.
custom security research
Custom research projects are conducted with respect to the technology or software of a customer's choice. This can include both open or closed (in binary form) software of arbitrary 3rd parties.
Completing a single research projects usually takes us from 3-6 months of work. At the end of the project, all results of our research efforts are prepared in a form of a research paper. All accompanying proof of concept codes are included in it as well.
Services from the custom research projects offering correspond directly to the research work conducted by Security Explorations. The difference is that this is the customer who decides about the target of our research and takes credit for sponsoring it.
We typically charge between $24000 and $32000 per month of our services. The actual pricing primarily depends on a target of the evaluation as well as the complexity and scope of the analysis process.
In order to request an accurate quote corresponding to a given project, please fill in the Project Brief form, encrypt it with our PGP key and send it back to us at services [at] security-explorations [dot] com address.
- "Project Brief / Quote Inquiry Form", PDF file, 262KB (download)
Copyright 2008-2016 Security Explorations. All Rights Reserved.