Korelogic Logo
Solving Your Complex Core
Business Risks In An Innovative,
Pragmatic, Cost-Effective Way
  Check out the KoreLogic Blog  

pic Assessment Solutions

The services listed in the table below are representative core capabilities. KoreLogic's team will work with you to determine and shape services to your specific needs, utilize your requirements to determine your business risk, and provide you practical technical data, strategies, and remediation approaches that address your specific business objectives.

KoreLogic's seasoned consultants will leverage their depth of experience and will employ an approach that demystifies and translates the technical, social and political complexities of information security into understandable business needs.

KoreLogic knows security. More importantly, KoreLogic understands the context of how organizations actually do business and that real issues need to be resolved.

Service Business Solution KoreLogic
Differentiators / Benefits
Mobile Application Assessment

End-to-end testing (mobile device-to-backend) to verify that sensitive data and service availability are protected.

Ensure that the business benefits of mobile applications do not expose the organization or its client base to the risk that comes with cutting edge technologies.

One of the few security firms with mobile application security testing experience.

A proven track record of testing mobile applications for carriers, ASPs, and vendors.

Web Application Assessment

Penetration testing of a web-enabled application for security weaknesses.

Penetration testing of the infrastructure supporting the web application (for example, network and host).

Ensure business partner requirements and client expectations for secure applications.

Help protect revenue-generating applications

Extensive experience including designing customized tools developed from assessing over 100 business-critical Fortune 500 applications.

Limited reliance on automated scanners - We use proprietary and public domain tools that more accurately simulate a skilled attacker.

Network Security (Enterprise / Targeted) Assessment

Penetration testing.

Measure resistance of networks and systems to attack - Identify security flaws as they appear from outside or inside the security perimeter.

Testing to simulate how a skilled attacker would attempt a "no-holds barred" attack to gain access to a network or to target data.

Structured network, host, VoIP, wireless, or any combination of technical security assessment services.

Test the effectiveness of security measures and the detection and response capabilities.

Test alternative routes into networks (i.e. partner network paths, wireless, phishing, VPN, etc.)

Due diligence / Compliance.

Help confirm understanding of IT security risks.

Our engineers are considered among the best in the industry for pen testing - we have conducted over 200 penetration tests.

Our staff uses a combination of proprietary and open source tools that more accurately simulate methods used by a skilled attacker.

We identify vulnerabilities and their root cause (to reduce the likelihood that the vulnerability will re-emerge) and provide a plan for correction.

Security Assessment of 3rd Party Service Providers and Business Partners

Assessment of security practices and extranet infrastructure security testing.

Help ensure that corporate and client data is protected by the service provider.

Regulatory compliance.

Our engineers have performed dozens of assessments of ISPs, ASPs, and business partners.

Our expertise allows effective interaction with providers and partners to accurately gauge the maturity of their security practices, infrastructure and flag areas of potential risk.

Law Firm Security Assessment

Law firms are increasingly the targets of sophisticated nation-state attackers who seek litigation plans, M&A documents, and client data.

Our Service reduces the risk of this occurring and increases firms' ability to detect attempted attacks.

Identify the firm's critical data and assets. Review the security controls that protect these assets. Test to verify that these controls resist an attack that simulates a highly skilled adversary intent on stealing the most sensitive assets.

We leverage the security best practices we have observed in high-target Fortune 500 firms.

We provide pragmatic recommendations tuned to your firm and organized as quick wins, critical risks and relative strengths.

Product Security Assessment

Technical evaluation of product security strength in addition to product's ability to detect attack vectors.

Determine product security strength prior to release.

Provide publishable independent assessment.

Product development "brainstorming" including critiques of new products, enhancements, etc.

Market intelligence regarding competing products provided there are no confidentiality or IP restrictions to doing so.

Performed this testing (on behalf of our clients, not the vendor) on a variety of security products (or products with robust security requirements) including Cisco, RSA (single sign-on), Foundstone, Google, and several IDS/IPS products.

Analysis conducted by the same staff that performs security testing to detect/resist skilled attackers.

We are vendor-independent; our recommendations are unbiased.

Our team will work with you to determine and shape services to your specific needs, utilize your requirements to determine your level of business risk, and provide you with practical technical data and remediation approaches that address your specific business objectives.

Our seasoned consultants will leverage their depth of experience and will employ an approach that demystifies and translates the technical, social, and political complexities of information security into data that your staff will understand and use.

Korelogic Differentiators

Best practices from KoreLogic's R&D team and real world experience.

Exclusive focus on security R&D and security services.

Expert Methodology.
KoreLogic utilizes real-world and proven analysis protocols. We can think and act like skilled hackers.

Client Relationship.
High renewal and strong references. We interact seamlessly with our clients' management, internal audit, legal and technical staff.

KoreLogic recommends only what is best for the client - period.



Please contact us if you would like more information about our services, tools, or careers with us.
Privacy Policy : Disclosure Policy [pdf] [txt] : Copyright 2016. KoreLogic Security. All rights reserved