Vulnerability Assessments

A vulnerability assessment will uncover and identify potential flaws and risks the target has and stop there. No significant attempt to compromise the target will be attempted past basic flaw validation and documentation.

Though we use some automation in our process, much work is done by hand. This is truly the only way for an assessment to have any value. It will likely be the attacker's human factor that finds and exploits an issue. We take the same approach and view the target as an attacker would.

Our product to you will be a documented list of findings, details about these findings and how to reproduce them, and potential solutions.

We offer two categories of assessments:

Network Vulnerability Assessments

A tailored assessment of the potential vulnerabilities and risks associated with your network and its interconnection with the Internet. This is the most comprehensive vulnerability assessment we offer.

Web Application Vulnerability Assessments

This custom assessment is targeted at a specific web application.  SQL Injection, cross site scripting, code execution, file inclusion, content modification, and privileged access are items, as appropriate, we look for. This is not an inclusive list as each web application is unique and will be treated as such.

Incident Response/Handling

Need your team augmented, or just plain need a team? Got something specific to your environment going on, no problem. Let us help! Have someone on-site that can image systems? Ship us the image and we can have a look.

Malware Reverse Engineering

Have a specific binary that has been recovered from one of your compromised hosts, but don't trust your Anti Virus vendor to tell you what it does? Find something that doesn't belong on your web server? Well, we can give you the gory details of what it does. Our analysis will contain, among other things, specific forensic footprint items you can use to search other hosts or network traffic. We will provide you with an in-depth analysis of what the code does, how it operates, and methods for identification.

Linux Host Deployment and Management

Need to outsource your Linux Administration? Contact Us!

Network Services Log Data Security Analysis

Have some log data you would like examined from a security perspective? We can take a look.

Other Information

8th Day Technologies, LLC considers all projects on a case-by-case basis. Many factors go into deciding to accept or decline a project such as, but not limited to the technology implemented by the client, our own expertise, the scope of the project, current workload, and potential overall value to you, the customer. All work will be done under specific Non-Disclosure Agreements between the client and 8th Day Technologies, LLC.