Understanding your digital security
Optimally securing websites, Web services and mobile applications is a difficult challenge for many companies. They do not always have the specialized knowledge of and required experience with security testing, and the legal rules around data management are additionally becoming increasingly stringent. Security problems are also increasingly visible in the media, resulting in reputational and financial damage. Using security testing, Polteq gives you insight into your security problems and helps you with the necessary measures and training.
What is a security test?
The essence of our security test is the analysis and assessment of security risks to your organization, called a risk analysis. In this we distinguish several phases:
Strategy definition and implementation
During the first phase of security testing, we determine what risks your organization wants to protect against and which specific website, web service or mobile application we need to test. This is done with consideration of your organization’s security policy. This results in a strategy and schedule for the security test.
The second phase involves implementing the above strategy: we look for the gaps in security, something referred to as “penetration testing”. To do this, we use techniques such as code reviews, technical tests, developer interviews, architecture reviews and configuration reviews. The result of this search is a report that includes a description of the scope, an overview of the tests performed, a summary, detailed findings with a classification and a plan of action with concrete measures.
Resolving security issues and retesting
During phase 3, we discuss our findings with all stakeholders: including developers, architects, project managers and business owners. We complete the risk analysis by jointly assessing the impact of each identified security problem. After resolving the security issues, we do a new security test for your organization. We verify that the solutions work and that they have not created new security risks. With security testing, Polteq provides:
- Raised awareness and improved knowledge of security in your organization
- Optimal understanding of the security of your website, web services and mobile applications
In addition to improving security, we also help you improve the knowledge of security testing within your company. You can come to us for training, coaching-on-the-job and for testing websites, web services and mobile applications.