With this "Vulnerability Extermination" service we find security defects in banking, commerce, business, mobile, virtualization, security and other software that you develop or use before anyone else finds them.
Some of our most demanding customers hire us for finding critical vulnerabilities in products built by security-knowledgeable people, reviewed with best automated tools and analyzed by other experts.
And they like what we find.
In a simulation of a real "Advanced Persistent Threat" attack against your information system, we become your friendly attacker and try to penetrate into the most
critical parts of your networks, databases, services and applications in a controlled and managed fashion.
A test like this is the only way to see how well you're really prepared for a targeted attack.
We help you reach informed security-related decisions in application development, when setting up online services and protecting your IT infrastructure.
"We routinely engage ACROS Security when we need a security review of our most popular products."
(CSO at global software vendor with multi-billion revenue)
"We've been leveraging ACROS to perform pentests on most of our acquisitions and we've been very happy with their services."
(Project contact at leading global online company with hundreds of millions of registered users)
It has always been our strategy not to specialize in any particular technology. We're constantly surprising our customers with security defects in desktop or mobile applications, on any operating system, in office devices, network equipment and appliances, complex web applications and online banking systems, anywhere from smartcard applets and web applications to virtualization engines and language interpreters.
Many of the world's largest software vendors have fixed vulnerabilities we reported to them and thanked us for helping them keep their users secure.
About ACROS Security
ACROS Security is specialized in providing advanced security analyses of products and systems. Our in-depth security research pushes the boundaries of global knowledge, keeps our customers ahead of competitors and users safe from attackers.
We work for leading financial institutions, software vendors, online service providers, cloud providers, virtualization solutions providers and others who consider security of their products, information and services critical.
...for updates on our security research.
ACROS in the Media (highlights)
SecTor, "If Vendors Won't Patch Their Software, This Firm Will"
Help Net Security, "Actively exploited zero-day in IIS 6.0 affects 60,000+ servers"
Help Net Security, "Reinventing software patching, curing big security holes" (podcast)
BetaNews, "0patch pushes out another Windows patch, but will leave the real work to Microsoft"
SC Magazine, "Third party develops temporary patch for Microsoft flaw that Google disclosed"
Softpedia, "Unpatched Windows Vulnerability Made Public by Google Gets a 3rd-Party Fix"
RTL Nieuvs, "Softwaredokter 0patch houdt je computer automatisch veilig" (in Dutch)
TechBeacon, "Crowdpatching call-to-action: How micropatching can make it happen"
Help Net Security, "0patch: Microscopic cures for big security holes"
TechTarget, "Crowdsourced vulnerability patching could save us all"
>> More media references...
0patch blog: Micropatching a Hypervisor With Running Virtual Machines (CVE-2017-4924)
0patch blog: Exploit Kit Rendezvous and CVE-2017-0022
0patch blog: 0patching the RSRC Arbitrary NULL Write Vulnerability in LabVIEW (CVE-2017-2779)
0patch blog: 0patching Foxit Reader's saveAs "0day" (CVE-2017-10952)
0patch blog: 0patching the Quick Brown Fox of CVE-2017-0283
0patch blog: 0patching the 'Worst Windows Remote Code Execution Bug in Recent Memory' CVE-2017-0290
0patch blog: 0patching the 'Immortal' CVE-2017-7269
0patch blog: 0patching another 0-day: Internet Explorer 11 Type Confusion (CVE-2017-0037)
ACROS presented "Fixing the fixing" at the RSA Conference 2017 In San Francisco. Slides are here
>> More news...
0patch is a platform for instantly distributing, applying and removing microscopic binary patches to/from running processes without having to restart these processes (much less reboot the entire computer). Brought to you by ACROS Security.