Security Testing / Audits / Reviews

Our security testing, security reviews, and audit services are product neutral and independent. Affolter Engineering offer consulting and support in the matter of the qualification and the quantification of the level of security of your environment.

Information gathering

These days is all about information…The collection or gathering of information about involved systems, infrastructure (physical and operational), and processes in an security assessment is a very important step. Often is shown that too much is leaked to the public.

Security testing

Security tests are a method to evaluate the level of security. This will most of time include computer systems and networks. The whole process consists of active analyzing the target for vulnerabilities, weaknesses, and technical flaws.

Application review

A flaw in an application can become a threat for the host or compromise your information security. In an operational state web applications are exposed in the one of the first lines on public or private networks. An application audit can detect vulnerabilities and weaknesses.

Network audit

An audit of the network infrastructure or single components can to improve the level of security. The examination and the evaluation of firewalls, intrusion detection systems (network or host-based), communication protocols, transmission encryption, and even policies will give a good feedback about the state.

Affolter Engineering develop, support, and maintains the Fedora Security Lab, Alpine Security and Rescue, and the Fedora Security Lab Test Bench which all provide an environment to work on security auditing, forensics, system rescue, and teaching security testing methodologies.