Services

Web Application Security

We provide a thorough security examination of web-based applications. The objective of the service is to ensure that the application is securely deployed, configured and written with all security considerations in mind. Our focus is to identify all web-based vulnerabilities exceeding those covered by the OWASP Top 10, including, but not limited to:

  • Cross-site Scripting (XSS) of all types: reflected, persistent and DOM-based
  • Cross-site Request Forgeries (CSRF)
  • Remote Command Execution
  • SQL Injection of all types: blind and error-based
  • Directory Traversal
  • AJAX Insecurities and JavaScript Hijacking
  • Control-return Line-feed (CRLF) Injection and HTTP Response Splitting (HRS)
  • Weak Session Management
  • Privilege Escalation
  • Side-jacking
  • XML Manipulation
  • Session Fixation
  • Insecure Storage
  • Information leakage in public resources

Penetration Testing

Penetration testing simulates an attacker attempting to gain access to a specified target server or application. We provide Onsite and Offsite penetration testing services which may include Black Box, White Box or Crystal Box approach to the given task. A penetration test involves the use of automated testing tools as well as manual test methods to review the security from an external or internal perspective.

Data Leak Testing

This test will help ensure no sensitive materials and prohibited data is leaving or entering your network.

Host Hardening Review

Our team can perform configuration and deployment reviews on a wide range of operating systems and devices, to ensure they are configured and deployed in line with industry best standards. This ensures that systems are running with the smallest attack footprint possible, are fully patched and configured in the most secure manner.

Security Training

Secure Coding For Web Applications

This course will teach attendees about the common vulnerabilities in web applications. The course will cover how these vulnerabilities can be located, exploited, and prevented through proper coding standards.

Web Application Testing

This course will allow internal security staff to gain skills and understanding of the processes used during a web application test. This will allow them to perform internal application reviews with a high level of confidence.

Managed VPN

We eliminate the need for your company to keep a full time IT around by leasing you our cutting-edge, high-availability VPN access servers for your road warriors and other company needs.

Secure Hosting Platform

We know how difficult and complicated to setup and secure your own servers, or worse – trusting your hosting provider. RED SECURITY has a dedicated team constantly monitoring and tweaking our Secure Hosting Platform.