Our risk assessment services provide an in-depth analysis of your application’s current security posture, providing a clear path forward to securing your organization’s most valuable assets.
What Level of Security Do You Require?
OWASP has a document called the Application Security Verification Standard (ASVS) that provides close to 300 controls related to security. The ASV groups these controls into 3 levels of assurance:
Level 1
This is for most applications. The moment you plug your application into the Internet, you’re going to be attacked, and you have to at least have the minimum set of controls that are defined by Level 1.
Level 2
This is for when your application handles data such as personally identifiable information or you are performing small transactions. In fact, a majority of applications fall under that category.
Level 3
This is for applications that handle sensitive medical data, high value transactions, or require the highest levels of assurance.
Our Process
Here’s our in-depth approach to securing your organization’s web, mobile, and other applications.
1. Discovery
Our security team works closely with your team to get a complete understanding of your application. This includes hands-on design workshopping and full documentation for your organization.
2. Threat Modelling
Threat modelling will indentify key threat scenarios specific to your application. We classify threat scenarios and assign the specific impact and likelihood levels to determine the risk for each identified issue.
3. Pentesting
Using both manual and automated methods, our security team will build and execute test cases to verify each threat scenario and identify the actual risks to your business.
4. Report
Once our process is complete, your team can expect a detailed report that contains the findings from the threat modelling and security testing exercises, along with a list of our recommendations.
Your Trusted Cybersecurity Team
We are positive and encouraging educators and service providers, delivering best-in-class security solutions. We aim to provide our clients with thought leadership in security, and pride ourselves on always staying at the leading edge of best practices.
Book Your Free Consultation
We offer a complimentary, no-strings attached consultation in order to better understand your specific security needs and discuss solutions.
Consultations can be scheduled in-person (Vancouver & Toronto Area) or via video conference.