Audit and Tests

  • Application Security Testing
  • Compliance Audit
  • Ethical Hacking
  • Social Engineering
  • Application Security Testing
  • Compliance Audit
  • Ethical Hacking
  • Social Engineering

Source Code AuditGoSecure has a proven track record uncovering weaknesses and vulnerabilities in processes, technologies and people.  Our team provides actionable items for risk mitigation using a combination of our own tools, tactics and procedures (TTPs) and industry leading practices like OWASP, OSSTMM, COBIT, ISO or NIST.

Our application security testing team uses leading practices, tools and techniques to validate your applications. Be it a mobile app (iOS, Android, etc.), a Web application, embedded systems (such as for an airplane, industrial control systems or weapons guidance systems).

Ethical Hacking, often referred to as penetration testing, is a complete service to assess real world resistance to attackers. Using our proven methodology, our skilled and experienced testers will act as an intruder in order to compromise your strategic business information. Vulnerability assessments, wireless audits and proof of concept exploit development are also part of our ethical hacking portfolio.

A part of our ethical hacking strategy is to test your employees’ responses to adversaries as they are often considered the weakest link. We assess your employees' responses through various social engineering techniques like external reconnaissance of leaked information (commonly referred to as Open Source Intelligence or OSINT), email phishing campaigns, physical security validation or tailgating employees to gain access to protected areas of your business and further test the network from inside.

As a contributor to the OWASP Global effort (www.owasp.org/index.php/Acknowledgements), our teams leverage testing approaches such as the open source Application Security Verification Standard Project. We believe in a holistic Web assessment approach where software architecture, code and the application itself are tested.

Compliance audit is based on regulatory standards and the industry leading IT audit approaches by ISACA, ISO, NIST, and PCI-DSS. GoSecure works with clients to test IT controls to determine if published security policies are being followed and position the client against his compliance requirements.

We have extensive experience supporting internal audit functions as well as participating in external audit activities.