Open Mobile Menu

Contact us for a free consultation.

Learn more

Security Testing

We provide thorough assessments of all types of applications, networks, and infrastructure with guidance for improving your security posture.

Strategic Consulting

Our team of Security Experts provide industry-leading Risk Assessment, Project Management, and InfoSec Program and Policy Development services.

Compliance, Privacy, and PCI

Audit preparation, compliance, and privacy services with a focus on real security.  Our experienced staff can help you reach your security, privacy, and compliance goals in a manner best suited to your unique requirements.

Training

We offer engaging and interactive security awareness and technical training, both online and instructor-led.

From the Blog

Filed In: Security Testing, Application Security

Securing Third Party JavaScript

Jeremy Mount

Jeremy Mount

August 20, 2018

Views: 517

Many, if not most web applications use some kind of third party JavaScript. These scripts provide useful functionality and services such as analytics, social media integration, data services, user interface features, chat capabilities and so on, however they also present a substantial risk to the confidentiality and integrity of your application and the data contained within. This is not a new topic in application security, however many companies still fail to consider or fully understand the security implications of adding code from third parties to their applications.

Filed In: Application Security, Security

HTTPS or Be Warned

Adam Caudill

Adam Caudill

July 24, 2018

Views: 433

Today marks an important event in the security of the web – starting with today’s release of Chrome v68, the most popular browser in use today is warning users when they access a website over an insecure connection. While this is a small change to the user interface, it makes the dangers of insecure connections clear to users, even in cases where the website doesn’t collect information.

Filed In: Application Security, Security

Using the Same-origin Policy to Control for Cross-Site Request Forgery

Scott Simmons

Scott Simmons

July 23, 2018

Views: 499

Cross-Site Request Forgery (CSRF) is a security issue which can allow legitimate users to be tricked into performing actions in your web application on behalf of a malicious attacker. A successful phishing attack or similar scheme could be leveraged to exploit a CSRF vulnerability. It’s a serious issue which can be difficult to detect without manual penetration testing. 

News & Events