Security

The last major security incidents have shown that IT Security must have high priority in companies to protect sensitive data from unintended or unauthorized access, change or destruction. With our offer we want to help our customers to understand the potential risk, identify vulnerabilities, protect the environment against attacks and train employees to minimize the security risk. Our offer comprises:

Security on all relevant layers of the IT lifecycle

Continuous code reviews during development with special focus on security

Training for security aware development

Best practices from security point of view:

E.g. fast or fully automatic detection of SQL injection vulnerable code

Techniques against session high jacking and XSS in general

Load Tests on all relevant layers

Network layer

DB layer

Application layer

Web layer

Security training for administrators

Implementation of high secure and extremely cost efficient enterprise grade firewalls

e.g. based on Linux iptables with connection tracking in active/active clusters

Implementing of Auditing

Strategies for minimizing the impact of denial of service attacks

Graceful switching of network traffic

Fast or automatic creation of firewall filters

Flexible web and application server farms for dynamic load distribution

etc.