It’s irrelevant how secure your infrastructure is or that there are protocols implemented for physical security or even that there is a detailed procedure for the management of incidents if your entire client database is downloadable with a single query to an insecure application.
Relevant application
Securing an application is suitable at any stage – before initial implementation, after implementation of a new version, or even during routine operations.
Our procedure
In order to ensure that everything is working as it should, we will use everything at our disposal – from static to dynamic analyses to fuzzing and manual testing.
Result
A list of our findings, a countermeasure proposal, and additional steps needed to increase the level of security.