MANDIANT offers a comprehensive set of threat intelligence, host and network managed services.
MANDIANT consultants have significant experience analyzing all types of application software for security issues. Our teams leverage expertise in software development, secure coding practices and a broad array of testing techniques to provide distinctive assessments that go beyond simple automated scans. In addition to performing application security assessments, MANDIANT can also help improve the security of developed software through a review of your Software Development Life Cycle (SDLC) to identify areas where security can be integrated into the application development process.
MANDIANT performs a thorough analysis of your application to identify vulnerabilities, ascertain their severity and demonstrate how they can be exploited. Our consultants are experienced with a variety of software development platforms and can assess any type of application, be it web-based, “thick-client”, middleware, or for a mobile device. MANDIANT uses a combination of automated scanners, custom tools and manual processes to detect and examine weaknesses in application security controls, and can test from the perspective of users at multiple privilege levels. We also draw upon our Forensics and Incident Response experience to understand and replicate the latest attack techniques commonly used .
Using techniques similar to our Application Security Assessments, MANDIANT can perform security assessments on third-party software that a customer is considering for purchase or deployment within their enterprise.
The best way to improve software security is to prevent the introduction of security issues during development. To this end, MANDIANT can work with your development groups to enhance software development processes and integrate security at the appropriate milestones in the Software Development Life Cycle (SDLC). A small investment in security during development can drastically improve the security of developed software and reduce security related maintenance costs.
MANDIANT also provides application security training classes to developers and security professionals. Details on these classes can be found on the Education portion of this web site.
