At ITsec we’re different. Not because we want to, but because we think we have to! With our method we aim for quality and feasibility.
Our method distinguishes itself from other, similar companies. ITsec examines the security of an IT infrastructure or (web) application with as much knowledge as possible. In this way, we can provide the fullest possible picture of the inherent security level in as short a time as possible. Another important argument for this process is that we assume that an IT infrastructure or (web) application contains leaks. Worse, it’s probably already been hacked. This sounds paranoid and negative, but this suspicion is confirmed daily. In practice, it is often tested with or without limited knowledge (also called a black box). This approach provides shelf safety. Imagine, you test a web application without knowledge from the internet. When all kinds of infrastructure measures do their work well, an attacker does not find anything. Unfortunately the test says nothing about the security of the web application. When the infrastructure measures such as a firewall are not working or leaked, it is important to know what the security level of the application is.
The method used by ITsec for a security assessment is based on the guidelines as defined in the “Open Source Security Testing Methodology Manual”. An application assessment is also conducted in accordance with the (International) Directives of the Open Web Application Security Platform (OWASP) and the Web Application Security Consortium (WASC).
ITsec gives concrete advice and solutions. Our people work together ánd with you, for the best results. Check our services or contact us for more information.