Our team of ethical hackers perform comprehensive simulation of unauthorised cyber attacks to detect security vulnerabilities and insecure functionality and identify validated risks associated with your clouds, networks, web applications, blockchains, smart contracts and wireless environments
Vulnerability Assessment & Penetration Testing
Vulnerability Assessment & Penetration Testing examines known and unknown flaws in your web applications, networks, cloud environments, or even wireless networks system.
Rather than simply finding possible vulnerabilities, we aim to investigate whether those vulnerabilities will contribute to an actual breach. These findings allow us to make a collection of specific recommendations for resolving the issues and avoiding a security breach.
Cloud Security & Configuration Assessments
Our Cloud Security & Configuration Assessments offers organizations peace of mind that their network and assets are appropriately configured, adequately secured, and not the subject of an ongoing attack. Our reports include detailed recommendations to help strengthen defenses and improve capabilities in the future.
• Conducting interviews and a documentation review to evaluate the security of enterprise cloud infrastructure
• Reviewing identity and access management, including user accounts, roles, and key management
• Reviewing segmentation and firewall policies against common misconfigurations
• Reviewing incident response policy related to cloud infrastructure, including roles and processes related to an incident
• Assessing posture of cloud storage including object-level storage, block-level storage, and related snapshots
• Reviewing security configuration of advanced service offerings specific to each cloud service provider
• Reviewing security for workloads including virtualized servers, server-hosted containers, functions, and serverless containerized workloads
Blockchain Testing & Smart Contract Audits
CyberHub can test your entire blockchain environment or just the technical elements of it. Testing the entire environment includes reviewing web and mobile applications that interact with the blockchain technology, APIs, ingress and egress points in the blockchain, public key infrastructure (PKI), user certificates, configuration, and networks.
With our expertise in penetration testing, and because Smart Contracts are simply programs stored on a blockchain, we can run Smart Contract audits where we will examine and test the code to ensure design flaws, security vulnerabilities, and coding problems can be identified early on.
• Chain code reviews, where we identify and help fix critical vulnerabilities.
• Blockchain configuration and access control review, where we assess the certificate authority, PKI, remote nodes and block producers, developer access code repository security, and integration with off-chain code.
• Blockchain Static and Dynamic Application Testing, including testing wallets, databases, GUI, Application logic, and Integrity Testing
• Blockchain documentation and policy review, where we help developers, architects, and risk owners develop security policies, procedures, and controls.
