Aarisha provides security consulting and assessment services for web-based and other applications including penetration testing, source code review, database analysis, and secure application development training to clients.

These services provide assurance that applications are securely designed, deployed, and defended against costly compromise

We provide the leading edge in application assessment methodologies, application design and defense techniques, and vulnerability research, including:

Secure Application Design

• N-tier application security architecture
• Network and application security control
• Web services security
• Development process consulting to securely enable business applications
• Compliance designs for Visa CISP, Mastercard SDP, GLBA, SOX, HIPAA

Secure Application Defense

• Application native security control implementation
• Application firewall and IDS implementation
• Network security control implementation appropriate for applications
• Incident Response handling and Digital Forensics on application compromises

Application Security Analysis

• Web Application Assessments
• Source Code and Binary Analysis
• Application Threat-Modeling and Architectural Analysis
• Web Services and ActiveX Analysis
• Database Security Analysis (MSSQL, Oracle, DB2, Sybase, Informix)
• Compliance assessments for Visa CISP, Mastercard SDP, GLBA, SOX, HIPAA

Application Security Training

• Web Application Security
• Database Security
• Business processes to support secure application design & deployment