Vulnerability Assessment, Penetration Testing & Code Review
From blackbox infrastructure assessments to greybox web application tests, security assessments are our specialty. Relying on extensive experience performing manual ‘ethical hacking’ rather than depending on automated tools, EA consultants have a proven track record of finding flaws that other assessors miss.
We actively support the Open Web Application Security Project (OWASP), and several of our consultants are well-known experts in the field of web application security.
Web Site Vulnerability Management
EA’s strategic partner WhiteHat Security Inc. delivers effective vulnerability management for your public-facing or intranet web sites at affordable rates. WhiteHat’s Sentinel solution is delivered as Software-as-a-Service (SaaS), which provides massive scalability and the ability to start detecting and mitigating your web application vulnerabilities immediately, without the expensive CapEx or learning curves associated with traditional commercial web app vulnerability scanners.
Web Site Vulnerability Remediation
Vulnerabilities discovered by the WhiteHat Sentinel service can be remediated rapidly by implementing “virtual patches” in supported Web Application Firewalls (WAFs). EA consultants work with your company to help implement these quick fixes, and can also help your staff develop changes to your code or architecture to permanently mitigate the vulnerabilities.
Penetration Testing
EA consultants have the “security mindset” and are experts at finding vulnerabilities in your applications, systems and networks that are often overlooked by other assessors. We provide expert assessment of your external and/or internal systems to help you find and fix problems before the bad guys do.
Code Review
Are you deploying a particularly sensitive application? While blackbox testing can be very effective at identifying many security issues, combining blackbox testing with source code review (known as greybox testing) is the best way to gain maximum assurance. Our consultants provide expert security code review services for several popular web application development languages and frameworks, including C/C++, .NET, Java, Objective-C, PHP, ColdFusion, Python, and Ruby.