Security Planning & Design
Before you start investing precious time and resources in building your product, leverage our experience to make sure it incorporates the latest in security design. Our experts will review your plans and identify opportunities to prevent exposure to existing and emerging security threats.
Casaba works closely with in-house design and development teams to ensure maximum security every step of the way.
Conceptual Phase
Integrating security at the conceptual phase (pre-design) can aid your team in identifying threats and roadblocks to the success of a product.
Our depth and breadth of experience spans many industries, technologies and business models, enabling us to apply practical security models to even bleeding-edge theoretical concepts.
Design Phase
Integrating our services at the design phase is critical to developing a low vulnerability count down the road. While Casaba does not sell canned security solutions, our rich knowledge base does enable us to provide proven techniques. Casaba is well versed in security best practices for core design requirements such as:
- Attack surface reduction
- Authentication
- Authorization
- State tracking
- Cryptography
- DoS resistance
- Exploit resistance
- Input validation
- Disaster Recovery
- Monitoring
- Logging and repudiation
- Intrusion Detection and more.
Casaba can review specifications and requirements to find areas of exposure or weakness.
Development Phase
Casaba can guide the development team through all applicable SDL requirements. During development, the Casaba team can:
- Review the development practices to ensure proper application of secure coding standards and compiler protections.
- Perform static analysis of the source code to identify vulnerabilities.
- Review proposed configurations and deployment scenarios.
- Read any public documentation and code or SDK samples to find flaws or issues that might put customers at risk.
Testing Phase
With a feature-complete product, the testing phase provides a great opportunity for Casaba to pass along valuable knowledge to your test and development teams. Casaba can aid in the development of security test cases, prioritized and relevant to your business objectives.
As fully integrated virtual test team members, we execute tests, report bugs and help developers triage vulnerabilities. Testing can verify that the intended defensive mitigations work as expected. Testing can include input and fuzzing of protocols and custom parsers. When vulnerabilities are identified, we help developers triage, understand how to mitigate the issue, implement regression tests, and prevent recurrence.


