Security risk assessments are broad investigations of the entire network to measure the level of compliance within businesses against industry good practice and international standards, designed with the intent to protect sensitive business assets.

Code security testing assessments try to identify possible flaws in the code or poor coding practices to prevent vulnerabilities in advance that may arise through these. This can be done using automated tools or though manual scrutiny. Some assessments: • Presence of developer test code/files (not removed) • Obfuscation • Session handling • Input Validation • Parameter & variable checking • Cookie parameters and hidden fields (if applicable) • Read/Write call to files (permission checks)

A mobile security assessment service will ensure that configuration and implementation of mobile devices are secure and will not allow the compromise of corporate networks or capture of sensitive data via rogue employees, lost devices or ‘man in the middle’ attacks, without impinging upon the remote-access convenience mobile computing offers.

Penetration Testing (or Pen testing) is a form of ethical hacking, where a staged real-life hacking of the system using only minimal information is carried out to identify vulnerabilities in the network. Penetration testing services are often essential for compliance to financial regulations and certifications. Tests include:
• Security Vulnerability Assessments
• Network Penetration Tests
• Web Application Penetration Tests
• Internal Penetration Tests