Send e-mail to ACROS SecurityACROS Security's public PGP key  
Home . Services . References . Advisories . Research . News . Company . Blog
     

ACROS Application Security Analysis

A service that exploits our extensive and unique knowledge to the limits, ACROS Application Security Analysis is the ultimate vulnerability-exterminating process to which you can subject a software application or a product that employs software in any way.

We have a reputation for continually finding numerous critical and original vulnerabilities in products that have been designed and implemented by highly security-knowledgeable people, reviewed using various automated tools like Fortify or Coverity, and even manually analyzed by other top-notch security experts. We always welcome a challenge and work hard to maintain this reputation; having our satisfied customers refer new customers to us allows us to save marketing money and keep our prices lower than our competitors in the highest-quality league.

In contrast to many other security teams, we do not specialize in any particular technology, computing platform, operating system or computing language. While this requires constant learning about the "targets" our customers confront us with, our 13+ years of practicing such non-specialization has resulted in two kinds of abilities we're very proud of:

  1. Ability to rapidly obtain relevant security knowledge
    for any new technology

  2. Ability to find atypical vulnerabilities due to our
    experience with seemingly unrelated areas
These abilities, along with the knowledge we've acquired about many different technologies, make us especially valuable to customers who develop rare and unique products for which it may be difficult or even impossible to find security experts with any prior experience in the particular technology.

See what some of our customers have said about us.

. Reference Projects
. Customer Quotes
. Services

. ACROS Application Security Analysis
  Frequently Asked Questions
  






. Customer Quotes

"We routinely engage ACROS Security when we need a security review of our most popular products."

(CSO at a leading software vendor with multi-billion dollar revenue)

We find critical vulnerabilities in products built by security-knowledgeable people, reviewed with automated tools and analyzed by other experts

ACROS Application Security Analysis is not a vulnerability scan. While we may use commercial or in-house tools for automated assistance with finding potential vulnerabilities, most of our customers have already employed various vulnerability scanners before they hire us - and let us deal with the hard problems: logical flaws, border cases, vulnerabilities in product's unique features, and hundreds of possible security errors that even the most advanced tools will always be unable to grasp due to their lack of imagination and logical thinking.

Typical users of this service are:

  • Software manufacturers that produce applications which are either processing sensitive data or are being installed on millions of machines hire us to find vulnerabilites in these applications - usually before releasing them to the market.
  • Organizations that develop their own applications or purchase custom-made software hire us to find vulnerabilities before they deploy these applications - often saving money by requesting their software providers to fix the identified flaws before purchase is completed.
  • Online service providers hire us to find vulnerabilities that could allow attackers to damage their business model by stealing users' identities, money, personal data or belongings.
  • Companies that are about to acquire other companies or products hire us to evaluate the security of their intended targets of acquisition in order to assess future costs of fixing, to identify hidden design flaws, or to obtain quality information for negotiations.
  • Companies that have already acquired other companies or products hire us to help them identify and eliminate vulnerabilities as part of due diligence.

 

When malfunction or data leak could cause millions of dollars
of damage, every vulnerability counts

Products that we've so far analyzed for our customers include:

  • Online banking systems
  • Mobile and desktop banking clients
  • Online payment systems
  • Windows and Linux desktop applications
  • Online marketplaces
  • Social networking sites
  • Web browsers
  • E-health systems
  • Multi-functional devices
  • Virtualization solutions
  • Language interpreters
  • Graphical rendering engines
  • Credentials management systems
  • Single sign-on client/server solutions
  • Web server security add-ons and plug-ins
  • Customer management systems (CMS)
  • Back-end banking applications
  • Smart card applications
  • Web applets and ActiveX controls
  • Document editing and rendering software

See some of our reference projects.

We know that a high-end security analysis like this does not make sense for every software product. A low volume online store or a desktop application that doesn't have many users or has no access to sensitive data may find optimal security in an occasional vulnerability scan and a quick security review. But if your business model is being supported by software whose malfunction or data leak could cause millions of dollars of damage, that is where every vulnerability counts. And that is exactly where we bring most value to our customers.

ACROS Application Security Analysis is your path to extermination of digital vulnerabilities.

Find more information about ACROS Application Security Analysis in Frequently Asked Questions.

To order an ACROS Application Security Analysis, contact security@acrossecurity.com or call +386 2 3000 280.

Copyright & Disclaimer ACROS, d.o.o. All Rights Reserved.