We are at the forefront of security research in the region. Our research activities encompass.
- Ffinding security vulnerabilities in mission-critical software and releasing advisories
- Developing and releasing free security tools
- Writing papers, articles
- Making presentations on various aspects of security
Results from our vulnerability research also go into various products and services as inputs, which contain actionable and accurate information about the latest security issues.
The outputs from our research also go into updating our proprietary suite of auditing software - AuditPro.
We were happy to organize this year’s successful event Web War CTF IV at the SecurityByte Conference 2011.
Our penetration testing team find security bugs in various mission-critical software from vendors such as Microsoft, Oracle, Nortel, Macromedia, etc. We also believe in responsible disclosure and co-ordinate with the vendors before releasing information about these bugs.Latest Advisories
File Format Parsing Vulnerability (CVE-2010-3232)
Real Networks RealPlayer RealMedia Memory (CVE-2010-4386) Heap Corruption Vulnerability
Our research initiatives shape into papers and articles published at various security-related and IT audit-related sites. Some of the latest papers and articles are listed below
IT Audit: Key Strategies for Implementing ISO 27001
Security Focus: IDS Evasion, Revisited
Our consultants have presented at various international conferences including BlackHat, Networld+Interop and IT Underground. Our presentations and ideas have been well-received by information security experts across the world.
IT Underground, Prague, 2006
Corporate IT Security Conference, Mumbai
Our team also writes Snort signatures for attacks.
Snort SACK TCP Option Handling Remote Denial of Service Issue
Microsoft ASN.1 Buffer Overflow Exploit
We have also written tools for enforcing password complexity in SQL server, brute-force attacks on SQL server accounts, dumping Windows security information, etc.