Cutting Edge
Services
Diagnose your digital stack against best in class cyber attack vectors, cutting across people, process and technology, along with an actionable roadmap to mitigate the identified gaps.
Specialised Practices
What is
VA & PT?
For the hundreds of applications running inside your organisation, finding the critical vulnerabilities gets only half the job done. We call it WISE™ Vulnerability Management because we would like to travel the extra mile and take it upon us help you manage the findings and get them patched or at least addressed with a defined timeline.

Scope of Scan
Thick Clients/ APIs/ Web Services
We carry out security assessment of cross platform thick client applications, SOAP based or RESTful web services and APIs.
Web Apps
We scan web applications developed in technologies ranging from conventional PHP, J2E, .NET to applications developed in specific frameworks like Spring, Struts2, Codeigniter, Nette, Symfony2, Laravel, Zend among others.
Mobile Apps
We scan mobile applications across 4 operating systems - iOS, Android, Windows and BlackBerry.
Type of WISE Scan
Black Box (DAST)
We carry out security assessment of cross platform thick client applications, SOAP based or RESTful web services and APIs.
Grey Box (DAST)
We scan web applications developed in technologies ranging from conventional PHP, J2E, .NET to applications developed in specific frameworks like Spring, Struts2, Codeigniter, Nette, Symfony2, Laravel, Zend among others.
White Box (DAST)
We scan mobile applications across 4 operating systems - iOS, Android, Windows and BlackBerry.
World’s largest team of OSCP Certified Professionals
Execution
Methodology
- Scoping & Application Classification
- Scan Scheduling
- Actual Scan
- Reports & Analytics
- Patching & Certification
Actual Scan
Methodology
Diagnose your digital stack against best in class cyber attacks assessing your people process and technology, to get a quantitative analysis of the risk your business is presently sitting on, along with an actionable roadmap to mitigate the identified gaps.
- Fingerprint Application
- Fingerprint Application Components
- Application Resource Mapping
- App Component Vulnerability Assessment
- Server Side Controls Vulnerability Assessement
Features
Powerful And Accurate Automated Crawling
Automated crawling of AJAX-heavy applications that leverage complex technologies like CRUD, JSON, SOAP/WDSL,SOAP/WCF, XML GWT and WADL Operations.
AI Powered Cloud Based Scan
Powerful Scan divided into 3 layers - Broad Sweep Scan, Lucid Lense Scan and WISE™ Manual Scan. Together they bring out the most comprehensive control list for vulnerability assessment
Extremely Scalable With Multi Threading
Perform multiple scans with the power of multi threading, without losing out on time and precision. You can, in parallel test hundreds of applications without interruptions
Zero False Positive Guarantee
Our post scanning filter allows us to reduce the false positive rate to zero so that the final report generated is both actionable and accurate
Checksum Backdate Recording
While performing our scans, our tool records the state of the code of the page we are scanning such that it can be used for future reference for certification along with finding the change in code that has occurred since the last scan
Business Logic Flow Testing
Sequence of operations in the business logic is checked and any critical flaws are mapped to identify the vulnerabilities
Impact On Production/UAT Environments
WISE™ scan is safe to run on production, QA or UAT environment without hampering their normal functionality and without significantly adding to the incoming traffic requests on the application.
Generation Of Compliance Reports
When the WISE™ Scan is run on an application and all it's components, the tool can provide the percentage compliance of the application to globally accepted compliance standards such as PCI DSS 3.1, ISO 27001, NIST SP 800-53 among others
High Level
Control List

Reports & Analysis
We make 2 reports for every scan we perform.
Technical Report
Containing details of every identified vulnerability, potential technical impact, exhibits and actionable recommendation. This is a detailed report that helps a solutions manager patch the gaps identified.
Manager’s Report
Containing high level details of the identified vulnerabilities, operational impact of each vulnerability, potential financial impact along with the criticality of the identified gap. It also gives a suggested prioritisation for the patch work.
Interested in our VA/PT?
Get in TouchIT'S EASY TO LOCATE US
- US ADDRESS
-
Stanford Research Park
3260 Hillview Avenue
Palo Alto, CA 94304
- INDIA ADDRESS
-
Lucideus House
Plot no. 15, Okhla Phase III
New Delhi 110020
- contact@lucideustech.com