Consulting Services

We harden applications and infrastructure to make them safer to deploy.

Our engagements usually take one of three forms:

  • In a design review, we evaluate architecture, design threat models, and recommend design changes that make software more resistant to attack. Design reviews are preemptive and uncover vulnerabilities when they are cheapest to resolve.
  • In a code review, we analyze source code, map data flow, check inputs and outputs, verify conformance to best practices, and suggest changes that eliminate vulnerabilities. Code reviews offer depth and coverage, and Matasano has more experience per team member performing this service than virtually any other organization.
  • In a penetration test, we reverse engineer applications, middleware, and appliances, on a wide variety of platforms, and conduct black-box testing to identify vulnerabilities without access to source code. Penetration testing helps enterprise customers verify the security of products deployed on their networks.

A year ago, we would have said our most important advantage delivering services was technical competance (we average over 10 years each delivering these services). Our customers tell us that above and beyond that, we offer flexibility: we finish projects quickly, provide decisive results, and don’t require enormous commitments from our clients.

We’re based out of NYC and Chicago, and will travel or do remote engagements.

Want to know more? Contact Dave Goldsmith at (617)501-3271.

Who We Are

Matasano is a team of internationally respected security experts who have led security efforts at @stake, Microsoft, ISS, Secure Computing, Arbor Networks, Secure Networks, Bloomberg, Sandia Labs, and others. Read more about our team and how we can help you today.