Cutting Edge
Services

Diagnose your digital stack against best in class cyber attack vectors, cutting across people, process and technology, along with an actionable roadmap to mitigate the identified gaps.

VA
PT
GRC
Red Teaming
Process
Technology
People

What is
VA & PT?

For the hundreds of applications running inside your organisation, finding the critical vulnerabilities gets only half the job done. We call it WISE™ Vulnerability Management because we would like to travel the extra mile and take it upon us help you manage the findings and get them patched or at least addressed with a defined timeline.

Scope of Scan

Thick Clients/ APIs/ Web Services

We carry out security assessment of cross platform thick client applications, SOAP based or RESTful web services and APIs.

Web Apps

We scan web applications developed in technologies ranging from conventional PHP, J2E, .NET to applications developed in specific frameworks like Spring, Struts2, Codeigniter, Nette, Symfony2, Laravel, Zend among others.

Mobile Apps

We scan mobile applications across 4 operating systems - iOS, Android, Windows and BlackBerry.

Type of WISE Scan

Black Box (DAST)

We carry out security assessment of cross platform thick client applications, SOAP based or RESTful web services and APIs.

Grey Box (DAST)

We scan web applications developed in technologies ranging from conventional PHP, J2E, .NET to applications developed in specific frameworks like Spring, Struts2, Codeigniter, Nette, Symfony2, Laravel, Zend among others.

White Box (DAST)

We scan mobile applications across 4 operating systems - iOS, Android, Windows and BlackBerry.

World’s largest team of OSCP Certified Professionals

Execution
Methodology

Scoping & Application Classification
Scan Scheduling
Actual Scan
Reports & Analytics
Patching & Certification

Actual Scan
Methodology

Diagnose your digital stack against best in class cyber attacks assessing your people process and technology, to get a quantitative analysis of the risk your business is presently sitting on, along with an actionable roadmap to mitigate the identified gaps.

Fingerprint Application
Fingerprint Application Components
Application Resource Mapping
App Component Vulnerability Assessment
Server Side Controls Vulnerability Assessement

Features

Powerful And Accurate Automated Crawling

Automated crawling of AJAX-heavy applications that leverage complex technologies like CRUD, JSON, SOAP/WDSL,SOAP/WCF, XML GWT and WADL Operations.

AI Powered Cloud Based Scan

Powerful Scan divided into 3 layers - Broad Sweep Scan, Lucid Lense Scan and WISE™ Manual Scan. Together they bring out the most comprehensive control list for vulnerability assessment

Extremely Scalable With Multi Threading

Perform multiple scans with the power of multi threading, without losing out on time and precision. You can, in parallel test hundreds of applications without interruptions

Zero False Positive Guarantee

Our post scanning filter allows us to reduce the false positive rate to zero so that the final report generated is both actionable and accurate

Checksum Backdate Recording

While performing our scans, our tool records the state of the code of the page we are scanning such that it can be used for future reference for certification along with finding the change in code that has occurred since the last scan

Business Logic Flow Testing

Sequence of operations in the business logic is checked and any critical flaws are mapped to identify the vulnerabilities

Impact On Production/UAT Environments

WISE™ scan is safe to run on production, QA or UAT environment without hampering their normal functionality and without significantly adding to the incoming traffic requests on the application.

Generation Of Compliance Reports

When the WISE™ Scan is run on an application and all it's components, the tool can provide the percentage compliance of the application to globally accepted compliance standards such as PCI DSS 3.1, ISO 27001, NIST SP 800-53 among others

High Level
Control List

Reports & Analysis

We make 2 reports for every scan we perform.

Technical Report

Containing details of every identified vulnerability, potential technical impact, exhibits and actionable recommendation. This is a detailed report that helps a solutions manager patch the gaps identified.

Manager’s Report

Containing high level details of the identified vulnerabilities, operational impact of each vulnerability, potential financial impact along with the criticality of the identified gap. It also gives a suggested prioritisation for the patch work.

Interested in our VA/PT?

IT'S EASY TO LOCATE US

US ADDRESS
Stanford Research Park
3260 Hillview Avenue
Palo Alto, CA 94304
INDIA ADDRESS
Lucideus House
Plot no. 15, Okhla Phase III
New Delhi 110020
EMAIL
contact@lucideustech.com

CONTACT FORM