Information leakage. We see it on the news, all the time. Although web/network security holes can topple companies, everyone seems to fall behind the curve.
Cyber Defense's Security Assessment focuses on two types of penetration testings: one for web applications, and the other for networks.
With thorough knowledge of web and networking, hacking technologies, and strong sense of mission, our engineers unite together as a team to perform manual analyses. Our deep analyses go beyond discovering the vulnerability itself, and detect what types of information are obtained by such vulnerability. With short timespan and high cost performance, we elucidate foreseeable threats, while suggesting possible counter measures to our client.

Our security Assessment in perspective

List of Security Assessment services

Web App Security Assessment Network Security Assessment Device Security Assessment

Rock-solid performance record

Our Security Assessment services are offered to conventional sites such as large-scale portal sites, various electronic commerce sites, and on-line trading systems, as well as to various 100% business-oriented sites. We have been accumulating our solid track records on diagnosing web sites of various areas, web applications, as well as infrastructures such as inter-office networks and intranets, DMZs, and others.

Our assessment focuses on the corporate lifeline "web", as well as its foundation "networks".

Web sites, web applications, and network that supports them are infrastructures necessary for conducting corporate activities these days, and should be considered as the most important assets in need of protection. Corporate infrastructure is in constant state of complex metamorphosis affected by various factors such as business expansion, corporate split-up, integration, and office relocation. Just like the fluctuating infrastructure, site attackers' trend is fluid-like. New tactics are being developed as security holes are discovered day after day.

Opening your corporate web site to the public means that your site can become the site attackers' target. In order to survive, it is essential for the corporates to know defensive measures so that web sites and networks can be protected from site attacks.

Using the attackers' mindsets and methods to deepen analyses, and to elucidate threats

At Cyber Defense, we do not rely on conventional commercial tools. With our custom-built tools and manual diagnostics, we are able to discover vulnerabilities that are out of reach of conventional tools. Attacking further and deeper reveals what types of threats there actually are, and what possible risks there will be. We do not stop at detecting just a vulnerability, but investigate to the depth of its effects. SQL injection vulnerability, for example, will be examined to see if personal information can be extracted.

Responding flexibly while matching the clients' system environments, business needs, and system objectives

Cyber Defense's Security Assessment goes far beyond of those services built on plain diagnostic tools.
Portal sites. Banking systems. Inter-office networks. Different system has different objectives and business needs. There is no set requirement of security assessment. Each company has its own requirements.
We put each of our client's system environment and needs into consideration, and custom-build the most suitable diagnostic methods for the client, in a flexible manner.

High cost-effectiveness with abundant experience and advanced skills

Diagnostic know-hows of experienced engineers are carried out manually. This enables more efficient diagnostic work while preventing elongated analysis period. Starting from diagnostics to recommended measures, we hope to provide them in a speedier, shorter term.
In addition to the superior cost performance, our deep level analyses can help deter operation crises, thus achieving even greater cost effectiveness.

Detailed follow-ups at a debriefing session for clients

When analyses are completed, results are informed at a debriefing session. The following reports are covered in details: vulnerabilities, threats, and explanation of conclusive risks. Reports are prepared in order to meet the attendants' demand. For managers and executives, we focus more on threats and risk-oriented subjects. For developers, on the other hand, technical details, such as vulnerability, will be elaborated.

We aim to follow up our clients in details, and will gladly meet your demand as required. Cyber Defense's flexible approach has been well-received by our continual clients of our assessment services. We will continue to listen intently to our clients, to improve our service quality.