
Comsec Consulting BV

Comsec Software Security Services

Measure performance and identify potential improvements to the software security lifecycle process
Value Proposition

Problem

What are security bugs costing your organization? Security testing alone is not the most effective way of detecting flaws in your application. Analysis of documented security incidents and attacks shows that most vulnerabilities (95% according to one survey) originate from insecure development practices, both in standard off-the-shelf packages and in custom-developed software.

Solution

With over 25 years of experience, Comsec Consulting has developed a systematic approach based on best practice methodologies and frameworks, including OWASP, OSSTMM, SANS, NIST, ISO 27001 and others. Our approach is tailored to the needs of your organization, systems, classifications and technologies in use. It enables organizations to measure performance and identify potential improvements to the software security lifecycle process.

Main Activities

  • Secure Architecture Analysis & Threat Modeling
  • Application Security Design Evaluation
  • Application oriented Penetration Testing
  • Security Code Review (CoDefend)
Key Differentiators
  • Deep knowledge of Internet facing Web Sites & Services
  • Extensive experience in e-banking and online trading applications and PCI-related applications (e.g. payment gateways, payment terminals)
  • Experience with mobile applications (covering Android, iOS and J2ME)
  • Experience with core business applications (e.g. ERP, CRM, EBPP, billing) and core application infrastructure (e.g. SOA, middleware, DW, databases)
  • Experience with third-party application and component reviews
Standards & Compliance
  • GDPR
  • ISO27000
  • NIST
  • PCI DSS
  • SANS
  • OWASP