(+31) 04 12 25 00 24 hallo@5pro.com

Mobile security

Onze cybersecurity experts verzorgen app pentesting, appbeveiliging en ethical hacking. Allemaal met het gemak van 24/7 ondersteuning.
Contact

Onze oplossingen

We helpen je met het identificeren en verhelpen van cybersecurity risico’s in jouw organisatie

Diensten

  • Secure protocols development
  • PKI System Implementation
  • Full Cycle Secure Mobile Product Development met Secure SDLC
  • Mobile Software Penetration Testing Service
  • Managed SOC voor Network Protection Monitoring
  • Mobile Security assessments toegepast op communicatie apps
  • Communication/Network Security Solutions
  • Application Security Hardening, Security Hardening Solutions

Producten

  • Secure M2M, communicatie platform
  • Secure Check-In, beveiligingsoplossingen
  • Secure VoIP berichtenplatform
  • Secure SMS oplossing
  • Applicatiebeveiliging SDK’s
  • Network Layer 2 encryptie oplossingen
  • Op maat gemaakte Layer 3 VPN oplossingen
  • VoIP en Video encryptie
  • Robotic telepresence systeem

Our expertise

Pentesting:

  • Static and dynamic; Code scanners (HP Fortify,IBM AppScan)
  • OWASP
  • IoT, automotive, backend, web services, mobile

Software protection:

  • Anti-debug protection
  • Integrity and anti-tampering
  • Advanced obfuscation (LLVM based) for different platforms

Linux:

  • Linux hardening: Full Disk Encryption, Trusted Execution Environment, verified boot, app isolation, App permission model, SELinux, firewall and network hardening
  • LinkEncryptor: Layer 2 traffic encryption with perfect forward secrecy

Secure SDLC:

  • Fundamentally new approach to security:
    embedding security from the very first SDLC stage instead of pentesting ready product
  • OpenSAMM based
  • Fits in most of the PM methodologies; Cost saving

Cryptography:

  • Design and review of custom crypto schemes
  • Hands-on with most of popular crypto primitives (RSA, DH, EC, ECDSA, AES, DES, RC4, Key wrap, etc.)
  • Higher bits public cryptography: DH 8192, ECC 571
  • R&D: post-quantum crypto-primitives; improving OpenSSL pseudo-random generator; secure messaging protocols, adding Perfect Forward Secrecy to VPN

Cryptography and PKI:

  • X.509 based PKI, TLS/SSL, multilayer CAt
  • Key and Certificate Management , secure
    certificates storage/software based
  • HSM: Server based, Client based, on-device
    (SmartCard, SDCard)
  • Perfect Forward Secrecy
  • Specials: certificates regular update, root
    certificates replacement

How  we do it

Quality:

  • Manual QA testing
  • Automated testing
  • Unit tests
  • CPPUnit
  • Cucumber
  • Appium
  • Code review

Functional expertise:

  • Test strategy, planning and design (black-box, white-box, specifications-based, experience-based, structure-based)
  • Manual test execution and reporting
  • Test automation

Tools/DevOps:

  • SonarQube
  • Jenkins
  • HP Fortify
  • Git
  • Static Code Analyzers
  • TestLink
  • ReviewBoard
  • IBM AppScan

Test levels:

  • Unit tests
  • Integration tests
  • System tests

Types of testing:

  • Functional testing
  • Security testing
  • Performance/load testing

Security:

  • Secure SDLC
  • Security testing and pentesting

Hoe zit het met de cybersecurity in jouw organisatie?