Application Assessment

The Alpha Defense team has extensive application security experience. We have analyzed some of the most complex and advanced software on the market today, providing software developers with detailed reports of vulnerabilities in their application or architecture. We leverage our extensive experience in reverse engineering, exploit development, dynamic testing and static analysis to enumerate a wide range of potential issues in your application.

Our engineers have experience with a vast array of programming languages, platforms, and architectures. With experience in low-level languages, such as assembly, C, and C++, to managed languages such as C# and Java, our experience in vulnerability discovery will give you an attacker-level view of your application.

Upon the conclusion of an application assessment, Alpha Defense will report on, at minimum, discovered issues and remediation, providing your organization with an actionable plan for addressing discovered issues. As with all Alpha Defense service offerings, the actual deliverable is customized to each individual customer based on testing results and customer need.

After delivery of the final report, Alpha Defense will continue to assist developers in remediating issues by providing continued support for the information provided in the report. At Alpha Defense, we do not consider the delivery of a report the conclusion of an engagement, but the beginning of a partnership in the security of your software.

Techniques

Black Box

The Alpha Defense team has extensive application security experience. We have analyzed some of the most complex and advanced software on the market today, providing software developers with detailed reports of vulnerabilities in their application or architecture. We leverage our extensive experience in reverse engineering, exploit development, dynamic testing and static analysis to enumerate a wide range of potential issues in your application.

Embedded Software

Our engineers have experience with a wide variety of embedded software platforms and architectures. We can leverage this experience to discover means of compromising embedded software for a variety of purposes.

Source Assisted

We combine dynamic testing with source code analysis, levering our experience to determine the most valuable means of evaluating your software for security vulnerabilities.

Source Only

We analyze the source code alone, allowing discovery of complex issues often missed by other means of assessment.

Reverse Engineering

We analyze your application in its final and concrete form: the actual binaries, providing a concrete view of the resulting code, from the same perspective an attacker would leverage.

Remediation Testing

We review results, either delivered by Alpha Defense or other firms, and test to ensure remediation for reported issues is complete in eliminating or reducing risk of the finding.