Security Application Development
Sûnnet Beskerming utilises the advanced research coming out of Jongsma & Jongsma to develop innovative, safe, and secure applications which are designed from the initial concept to have security as their core concept. Through extensive research, and testing, a development framework has been discovered which allows us to deliver reliable security with graceful degradation modes. Custom software development can be arranged to grow from this framework in order to supply your specific needs with reliable security.
The development framework that was discovered is designed to allow for complete security, from the user interaction, through to data storage. It is also capable of extension to monitor the system itself for identification of malicious activity. Designed to be invisible to the end user, it can be used as the basis for complete applications, or even as a 'wrapper' providing protection to an existing product without significant intrusion.
Though we keep all client information and details in the strictest confidence, and pride ourselved on the delivery of World class products and services, there are certain products that we will never be involved with the development of, such as mass mailing applications (spam engines), network penetration tools for external clients (worms, viruses, trojan horses), or tools which could have an illegal payload (such as adware or spyware applications).
We do, however, develop a wide range of helpful security tools such as:
- Site validation tools;
- Robust authentication systems;
- Vulnerability assessment tools, and
- Database and file encryption systems.
Our security application development services are offered individually to clients, with few applications being released for mass commercialisation. This helps keep your exposure to compromise limited. Our developers and researchers are continually testing and developing the core security components to improve their ability to withstand destruction and their ability to remain secure under attack.
Network and Application Penetration Testing
In order to be able to successfully deliver a complete protection package, it is essential to understand where the weaknesses exist in the current implementation. Although manual reviews can identify a significant proportion of system, network and application weaknesses, a series of controlled, targeted penetration attempts will allow for practical observation of the weak points, and system responses.
Though the techniques and tools used to carry out penetrations are more commonly associated with hackers, it is important to be able to withstand their attack methods, and the use of their tools and techniques provides the best results possible for our clients. Full analysis reports are provided for the relevant stakeholders as to the current strengths and weaknesses of your systems, along with a set of basic recommendations for improvement. If paired with our protection services, and our security consulting products, then detailed recommendations are provided for improving the protection of your systems.
Part of our ongoing research is to maintain the same levels of technical skill and knowledge as the hackers, in order to provide you with the best identification of your weak points. In this we have the advantage, as we would also have access to the internal structure of your systems, allowing us to identify weak points more rapidly, and those which may not have been identified through penetration testing alone.
Forensics and Incident Response
When the unthinkable happens, and your systems get compromised by a hacker with malicious intent, Sûnnet Beskerming is there to help you recover, and prevent future breaches. Once we have been contacted, we will send out one of our highly trained and specialised teams on site to commence the forensics and investigative process. The earlier that our teams are brought in, the greater the chance of actually catching the criminals, and the smaller the overall impact from the intrusion.
Our response teams understand that a system compromise is a sensitive issue, and work rapidly with utmost professionalism, discipline and dedication aiming to identify and solve the problem that has led to the compromise. All team members have experience with formal investigative procedures, proper evidence handling, and tracking and identifying the sources of network compromises. In addition to our onsite teams, our remote specialists will assist in idientifying suspicious activity, and will work closely with legal advisors to ensure that steps taken to identify the source of the breach are not extra-legal.
System Protection and Monitoring Services
Part of a complete security solution is ensuring that there is an adequate level of protection for your systems and data. In addition to protective tools and practices, the implementation of monitoring services will help you to identify when your systems are coming under attack, or some other activity is taking place which is out of the ordinary. This will allow you to get an early start on stopping further compromise and possibly prevent any loss of sensitive information.
A range of software tools and services are available for implementation as part of establishing a system protection and monitoring policy. These services pair well with the reviewing services to help improve the overall security of a client's system.
System and Data Reviews
Dependant upon the structure of your company, and the jurisdictions where you operate, there will be different regulatory and legal requirements for system and data reviewing and accountability for corporate offficers and the company. We here at Sûnnet Beskerming are proud to offer a range of system and data reviewing tools and services, from automated through to completely manual services. If other Sûnnet Bekerming services or tools are in use, these tools will integrate well with them and streamline the accountability of data.
Unfortunately, due to the complex nature of electronic networks, systems and data storage, a lot of companies can not be certain of the content that they possess. With the advanced tools and services that we offer, we can assist with a move to a common data storage format as a part of the review process, making future reviews more streamlined, and reducing the overhead required for historical data analysis.
An added benefit to a Sûnnet Beskerming review is that it can form the basis for implementing one of our streamlined data management systems at a later stage. As with all our other services and products, the results of your reviews are held in the strictest confidence.
26 June 2007