DeploySafe Techniques
Our Tools And Techniques
Threat Modeling
We’ll address threats preemptively, by helping you build assurance into the design of your product, application, or network environment.
Review design, documentation, protocols, and data paths.
Interview architects, developers, engineers, QA, and product managers as needed.
Analyze and document Threat Models.
Collaborate to reconcile business requirements to risk exposure.
Recommend surgical design changes that mitigate entire classes of vulnerability.
Reverse Engineering
We’ll document and exercise the exposed functionality of an application, network service, appliance, or embedded system without access to source code or documentation.
Disassemble binaries, applets, and firmware.
Investigate development platforms, track down dependencies and libraries, and assess their security.
Develop tools to exercise functionality and uncover vulnerabilities.
Uncover hidden vulnerabilities, undocumented “debug” functionality, and validate vendor claims.
Penetration Testing
We’ll conduct black-box inspection of products and applications without access to source code, uncover vulnerabilities and help triage the flaws most likely to be exploited by an attacker.
Investigate protocols and dependencies.
Generate repeatable test cases to test for specific flaws.
Build reusable test suites for regression testing.
Report a matrix of vulnerabilities discovered, severity, and workarounds.
Document serious vulnerabilities to help expedite patching.
