Polski

Services for other companies

Security Explorations provides various services in the area of software security.

Our specialty

We specialize in conducting comprehensive analysis of software for the purpose of discovering various security defects in its design, architecture and implementation. This refers to software available either in a source code or a binary form.

The experience gained throughout the last twenty years of work usually allows us to accept even the most complex challenges pertaining to security evaluation of software.

Our approach

We start every security evaluation work by knowing as much as possible about a target of our assignment. We believe that it's the only way to the successful and accurate security evaluation task of any product.

Knowledge about the internals of a target product's design and operation triggers our creativity - we start generating potential "what could gone wrong?" / attack scenarios. We verify each scenario, modify it if needed and iterate over each of them again and again until our creativity dies. During this process we usually learn new things about the target, which results in new attack scenarios and development of proof of concept codes.

All successful attack scenarios and weaknesses found are documented in detail and included in a final report delivered to the customer.

Our services

We offer the following generic services to our customers:

  • software security evaluation

    This service is ideal for customers who are in the need of a comprehensive software security review of their products or solutions.

    During the work conducted as part of the service, we analyze the source code and documentation of a customer's software in a search for security defects in its design and implementation.

    Single software security evaluation project requires usually 1-3 months of work. The actual timing is dependent on the complexity of a given technology / software and the source code size of a target product.

  • custom security research

    Custom research projects are conducted with respect to the technology or software of a customer's choice. This can include both open or closed (in binary form) software of arbitrary 3rd parties.

    Completing a single research projects usually takes us from 3-6 months of work. At the end of the project, all results of our research efforts are prepared in a form of a research paper. All accompanying proof of concept codes are included in it as well.

    Services from the custom research projects offering correspond directly to the research work conducted by Security Explorations. The difference is that this is the customer who decides about the target of our research and takes credit for sponsoring it.

  • offensive capabilities development

    This service is dedicated for companies and organizations from a law enforcement, government and military sectors in particular. As a result of the service, on demand security research of a given software / hardware product is conducted with the goal to provide a customer with specific offensive capabilities (such as a reliable Proof of Concept code exploiting a previously unknown security vulnerability).

    The offensive capabilities development service is available for products and services of major SW / HW vendors among others.

  • intelligence acquisition

    This service is dedicated for companies and organizations from a national security and military sectors in particular. As a result of the service, on demand reverse engineering and security research of a given target is conducted with the goal to provide a customer with specific intelligence about it (such as an in-depth knowledge about target's operation and internals, information about its security protections, weaknesses and backdoors).

    Intelligence acquisition service is available for targets critical from a national security point of view. This in particular includes, but is not limited to SW / HW used in drones, missiles, radars, airplanes, tanks, ships, trains, industrial and airspace control systems, satellite and mobile communication systems.

Our pricing

We believe quality security evaluation and security research services do not need to be expensive.

Our rates are constructed, so that they are competitive and affordable for businesses of various sizes and geographic locations (Poland along Western Europe and the US).

Our rates start from 8000 EUR per month of our services (from 50 EUR per hour). The actual pricing primarily depends on a target of the evaluation as well as the complexity and scope of the analysis process.

Special rates are available for educational / research institutions among others. More details can be found in our price list.

In order to request an accurate quote corresponding to a given project, please fill in the Project Brief form, encrypt it with our PGP key and send it back to us at services [at] security-explorations [dot] com address.

  • "Project Brief / Quote Inquiry Form", PDF file, 262KB (download)

Copyright 2008-2018 Security Explorations. All Rights Reserved.