Polski

Services for other companies

Security Explorations provides various services in the area of software security.

Our specialty

We specialize in conducting comprehensive analysis of software for the purpose of discovering various security defects in its design, architecture and implementation. This refers to software available either in a source code or a binary form.

The experience gained throughout the last fifteen years of work usually allows us to accept even the most complex challenges pertaining to security evaluation of software.

Our approach

We start every security evaluation work by knowing as much as possible about a target of our assignment. We believe that it's the only way to the successful and accurate security evaluation task of any product.

Knowledge about the internals of a target product's design and operation triggers our creativity - we start generating potential "what could gone wrong?" / attack scenarios. We verify each scenario, modify it if needed and iterate over each of them again and again until our creativity dies. During this process we usually learn new things about the target, which results in new attack scenarios and development of proof of concept codes.

All successful attack scenarios and weaknesses found are documented in detail and included in a final report delivered to the customer.

Our services

We offer the following generic services to our customers:

  • software security evaluation

    This service is ideal for customers who are in the need of a comprehensive software security review of their products or solutions.

    During the work conducted as part of the service, we analyze the source code and documentation of a customer's software in a search for security defects in its design and implementation.

    Single software security evaluation project requires usually 3 months of work, but the actual timing is dependent on the source code size of a target product.

  • custom security research

    Custom research projects are conducted with respect to the technology or software of a customer's choice. This can include both open or closed (in binary form) software of arbitrary 3rd parties.

    Completing a single research projects usually takes us from 3-6 months of work. At the end of the project, all results of our research efforts are prepared in a form of a research paper. All accompanying proof of concept codes are included in it as well.

    Services from the custom research projects offering correspond directly to the research work conducted by Security Explorations. The difference is that this is the customer who decides about the target of our research and takes credit for sponsoring it.

Copyright 2008-2014 Security Explorations. All Rights Reserved.