Security Testing Security Testing




We look forward to
hearing from you.

IT Security Tests – protecting your software

Security
Industrial espionage, sabotage, blackmail: there are many motives for attacks on IT systems. Increased mobile access via smartphones and tablets is creating more and more new ways of attacking confidential and valuable data. Today’s system environments are becoming increasingly complex. This makes it harder than ever to protect company-wide IT systems. A single weak point in your IT security is enough to leave the system open to attack – which could mean the loss of sensitive data. Active and continuously enhanced protection against attacks is therefore essential. This is equally true of software, application and network security. Our security experts detect risks in your IT systems and raise the level of your IT security in a systematic and lasting way.

Security analysis of your IT system

When it comes to security, preventive measures are the first step. So we start by determining the current level of security and identifying potential weaknesses in your applications, system infrastructure and IT processes. We examine applications and infrastructures using both static application security tests (SASTs) and dynamic application security tests (DASTs). These tests enable us to simulate attacks on test or production systems, in order to identify security risks. x

Challenges to your IT security

We can also help you to eliminate any security loopholes in an effective and lasting way. However, occasional or one-off analyses cannot offer 100% protection for IT systems. This is because technologies are constantly developing, while the systems and tools available to attackers are becoming more powerful. Moreover, even very minor changes to the overall structure of your IT environment or failure to apply necessary system changes can open up new windows for attack. x
Our security experts know that: In the long term, adopting a systematic approach to attack situations is vital for a high level of security. This may mean drawing up threat scenarios or designing secure applications and architectures – we will help with development, implementation and maintenance. Our IT security tests are always based on up-to-date risk scenarios. This enables us to provide targeted end-to-end protection for your applications. x
We run courses and workshops, in order to train your staff in IT Security. As a member and partner of the International Secure Software Engineering Council e.V. (ISSECO), we also play an active role in planning training for the qualification of Certified Professional for Secure Software Engineering (CPSSE) and offer the associated courses. x
  • We assess your applications, by analysing requirements, architecture and source code
  • Dynamic tests detect security gaps, e.g. by automated testing of interfaces 
  • Penetration testing of applications and IT infrastructure
  • Training for developers in secure software development
  • Preparation of mandatory concepts for secure application development 
  • Evaluation and adjustment of suitable tools 
  • Definition of processes, information flows and how results are presented 
  • Establishment of a semi or fully-automated quality gate for the technical acceptance of software 
  • Assistance with the definition of IT Security Management systems (ITSMS), e.g. in compliance with ISO 27000 or BSI Baseline Protection

Take advantage of the experience and expertise of SQS in the field of Security Testing.

x

Copyright © 2016 SQS All rights reserved

  • btn_linkedin
  • btn_xing
  • btn_facebook
  • btn_google
  • btn_twitter