Security
We maintain a specialized security practice. Here's how
we can help.
We help customers forge resilience through innovative security solutions.
Profound knowledge of OS internals and threat landscape. Contributions to Fortune 25 security solutions.
Our ExpertiseStorage filter drivers
Layered file systems for data security
Network filter drivers for attack prevention
ARM-based processor encryption support
Our engineers contribute to on-prem, cloud, and containerized security solutions. We work with industry standards like FIPS, KMIP, PKCS.
Excel inEncryption
Key management
Data discovery
Securing Interfaces
We provide expert consulting for organizations developing and customizing software, or even just maintaining an online presence.
Sensitizing developers and test engineers to security issues, so that security issues are considered throughout the development life cycle.
Audit of software development and QA practices, source code handling, bug tracking systems, vulnerability management.
Suggesting and implementing specific tools for assessing and reporting security quality of the software developed in-house before deployment. Suggesting steps for due diligence and inserting specific obligations from vendors when off-the-shelf or customized software is acquired and deployed.
We review security of SaaS solutions from the perspectives of an insider threat as well as a malicious attacker from the outside.
Assess the security of deployed servers, update and patching of software on the servers, instantiating a regular scan of the deployed servers for on-going information security status auditing.
Specific attacks of well-known vectors such as OWASP top 10 and CWE top 25, using appropriate tools and ad hoc techniques.
Software source code audit for identifying insecure practices and potential vulnerabilities for open source and client-developed software. Software security audit for software deployed where the source code is not available.
Separation of privileges for insider access to various server components and the data contained therein, separation of user data, assessing the secure storage of secrets pertaining to users as well as across user groups, suggestions for changes in architecture and deployment to ensure data access control.