Security
The security of your software, websites, network and assets such as web servers is essential. Ensuring the security of confidential business, client and customer information is not only important but legally required. Carrying out security testing and assessments is the key to knowing for certain how secure your software, systems and data are.
At Test Hats we recognise that Security Testing is often omitted from testing regimes because of its perceived complexity, its cost and its distance from the functionality users care about more directly. We also understand that security testing is a complex technical field that can be difficult to address without support.
That's why we've developed a clear-cut set of Security Testing services that make it easy to see the value to your project.
Network Security & Application Security
At Test Hats we split Security Testing into two simple levels, testing the network and testing the application.
We then have four key services under these levels:
- Network: Compliance Auditing & Patch Auditing
- Application: Vulnerability Assessment & Penetration Testing
Combined, these levels and key services form our Security Assessment Life-Cycle.
The Test Hats Security Assessment Life-Cycle
Depending on your company's role in a project, you'll care about one or both of these levels.
Different projects, different needs
It’s often the case that there are multiple parties involved in a project and responsibility for Security Testing is shared across these parties. The Test Hats approach allows you to select the most relevant Security Testing for your project.
For example:
- If you are developing a website or application, but your Client or a third party will deploy it to live, then consider just performing Application Security testing.
- If you are developing and hosting the website or application, then combine Network Security and Application Security testing.
- If you are just hosting the website or application for a Client who has developed and tested it, then just carry out Network Security testing.
Security Testing Models and Methodologies
At Test Hats we have our own Security Kitbag of proven techniques, approaches and tools that have been successfully used on numerous engagements. Our consultants also draw on industry methodologies and standards such as OWASP, OSSTMM and ISO 27001.
In our Test Lab we use a range of COTS, Open Source and in-house developed tools and suites to carry out our Security Testing. In addition we have extensive libraries of attacks to use directly or craft bespoke vectors from, to test your software security to the full.

