Our Security Audits are based on industry-accepted standards such as, CoBIT, and legal requirements specific to the industry and country. The auditing approach is designed to cover all aspects of security including People, Processes and Technology. Our consultants are certified as CISSP, CISA, ISO 27001, and GCIA. More importantly, they possess possibly the widest array of technical expertise (see 'Technical Expertise').

Previous clients for whom we've conducted security audits include Northwestern Mutual, Western Railways, Prudential ICICI, CapGemini, Reliance Asset Management and others. See our complete client list.

Previous experience in this segment includes application security assessments for CRM and ERP software of large manufacturing and financial firms, e-commerce applications for some of the largest online stores, and client-based encryption software among others. Our skills in this area are demonstrated by the bugs we find in mission critical software from vendors such as Microsoft, Oracle, Macromedia and Nortel. Read our list of advisories here.

Industry Expertise
We have conducted security audits for a wide variety of industries including the following:

  • Pharmaceutical
  • Banking and Financial Institutions
  • Information and Communications Technology (ICT)
  • Hospitals & Healthcare (HIPAA)
  • BPO, Call Centers, and ITeS
  • Telecommunications
  • Media & Marketing
  • Manufacturing
  • Trading
  • Aviation
  • Stock Exchanges & Stock Brokers
  • Insurance
Technical Expertise
Area Technologies
Operating Systems Windows NT, 2000, 2003, Linux, Sun Solaris,HP-UX, IBM AIX, Open VMS, Novell Netware, IBM OS/2
Databases Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, Sybase
Firewalls Cisco PIX/ASA, Checkpoint, Netscreen, Watchguard, Sonicwall, Fortigate, Web Application Firewalls
Intrusion Detection Systems     ISS RealSecure, Cisco Secure, Dragon IDS, Fortinet, Snort
Network elements Routers, Switches, Load Balancers, Layer 7 Switches
Code Reviews C/C++, Visual C++, Java, PHP, ASP, ASP.NET, Perl
Web Servers IIS, Apache, Tomcat, Netscape Enterprise
Messaging Servers Microsoft Exchange, Sendmail, Qmail, Lotus Domino
Others SAP, Active Directory, ISA Proxy, Squid Proxy

Previous AssessmentWireless Auditing
Next AssessmentPenetration Testing