CodeMash - a unique event for developers Read more
Security reviews are often used when new systems are commissioned and give you an overall picture as to the system’s vulnerability before its eventual go-live date. Frequently, reviews are also used in the initial prototyping stage for a project, so that security features can be incorporated at the earliest possible stage. The results of a security review often determine the final go-live date.
We will discuss your project, identify possible threats and agree on an analysis approach with you. Security reviews typically entail the following work:
Compass Security works closely together with you when carrying out a security review. All the necessary insider data, test network configuration, system settings and source code is disclosed to us so that we will be able to see the effectiveness of any security measures.
Typically the entire system security is determined based on reviewing these documents, through workshops and interviews with you or by analyzing the configuration or the source code itself. Common security standards or industry usage is the measure we use in reviewing this.
We provide a report which summarizes the entire system’s security, lists the findings as well as the potentials to improve the overall security. We guarantee that both your tech teams as well as your management teams will be able to make key decisions thanks to this report.
Usually, the key findings are already known to the team in the majority of cases since we identify the findings together with the customer during workshops and interviews. Nevertheless, Compass Security still recommends that a debriefing meeting is held so as to foster a common understanding of the overall security and for future additional work in this area.
We are more than happy to discuss your personal requirements. Do not hesitate to get in touch.
The editorial staff of the Unternehmerzeitung has taken up the topic of cyber security again and in an interview sheds light on how the cooperation... Read more
Lukasz D. has identified a remote code execution vulnerability in the Human-Aware Data Acquisition (HADatAc) framework. Read more
In the advanced training course BSLB / RAV / IV of the HSR Hochschule für Technik the topic "Opportunities and risks of digitalization and the labour... Read more
Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr
Contents Introduction Attack Overview Step-by-Step Detection Email Clients Administration Tools Exchange Compliance Features MAPI Editor Eradication Microsoft Security Response Center Swiss Cyber... mehr