Vulnerability Assessment and Penetration Testing

We offer comprehensive VA/PT services for testing the security of your Infrastructure. Our Penetration Testing approach, the Pentest++ is essentially different from other traditional approaches, which only focus on the smaller picture. The Pentest++ includes client side exploitation, 0day attacks, social engineering etc.

Web Application Penetration Testing Services

Web applications have recorded a huge growth in the recent time. Almost every organization present around wishes to have its business and management online for quick and effective business processes. The risk and concern over the security of the web applications have grown along its popularity. The web applications may expose customer information, financial data and other sensitive and confidential data if not configured properly. Ensuring that web applications are secure is a critical need for organizations today.

Web Application Code Review Services

Source code review is an exercise use to remove programming errors in an application that could cause malfunctioning or compromise the security. We at Secfence strive to provide a secure essence to your applications. Our unique source code review process shall expose the level of security in your applications.Our application testers can quickly identify possible code defects from security perspective and help in suggesting a secure code layer.The review process is a combination of a hybrid approach of manual assessment as well as various commercial and non-commercial tools.

R&D services

Secfence takes pride to have an exhaustive experience in Research and Development on many things related to information security. R&D is the heart of our activities. We have carried on successful R&D on malware development and emulation, network attack vectors and prevention, rootkit techniques, MBR based bootkits, anti-malware heuristics engines, exploit development techniques and engines to name a few. Having the industry wide alliance and human resource gives us the confidence to carry out R&D on most specific requirements.

Malware Analysis & Emulation

In depth analysis of malware (including memory change analysis, malware family classification, unpacking and disassembling malware, removing anti's, emulation of c&c and malware network) is carried out to trace the malware to its origins.

We help in developing specific malware removal utilities and tools to fight the malware which are targeted towards a specific organisation/group.

Cyber Crime Investigations

Cyber Crime Investigation is the collecting, analyzing and investigation of digital evidence and cyber trails. Cyber Crime Investigations incorporate various activities such as mail tracing, media & network forensics, memory forensics, activity logs analysis, ISP log analysis, mobile phone forensics etc. We undertake systematic collection of evidence to maintain its validity for legal admission.

Onsite Security Operations Centre

Many organizations which have sensitive/strategic operations find it a challenge to privately manage its security operations. Outsourcing to the vendor's site is not an option, as complete surveillance of the operations is critical. Onsite dedicated human resource from the industry combined with our experience in managing critical/sensitive security operations privately and securely provides the organization a solution to this peculiar problem. We help in designing and deployment of Security Operations Centre at customer's site.

Lawful Interception Services

We have designed and deployed numerous solutions to monitor gateways, ISP nodes, cybercafés and the likes. We have developed solutions to scan malicious and interesting traffic over protocols like VOIP, FTP, HTTP and platforms like emails, chats etc. Even in cases where anonymity solutions (Tor, VPN, proxies) are used, traffic is traced to the first node, and node is matched to our database of anonymity service providers. Tagging of specific IP's and analysis and pattern finding is carried on to gather further statistics.

Anti-Malware Software Development

Sensitive and strategic organizations can rely on publicly available anti-malware software to only some extent. Custom anti-malware software development is needed in the cases where infiltrations by specific strains of malware are repetitive, and sampling of malware is not an option due to privacy concerns. We have experience ranging from development of specific malware removal utilities, to the development of full-fledged anti-malware detection heuristics engines. Proprietary anti-malware detection engines leverages the organizations safety by keeping the algorithms private, and hence not giving the attacker the advantage of testing the malware detection beforehand.

Intelligence Analytics

One can have a plethora of raw data sitting, and yet have no actionable intelligence derived from it. We implement and design data mining and analysis tools, utilities and techniques to generate actionable intelligence. Our solutions vary from implementing public commercial tools to developing proprietary and customized data collection and intelligence software.

Information Security Training

Mr.HiTech can undertake customized & advanced infosec training.

Mr.HiTech Offers

Short term courses of one day to one month on topics such as Database Security, Ethical Hacking, Perimeter Security, Security Engineering, Web Application Security, Wireless Security, Security Administration Linux, Cyber Forensics, Cyber Crime, IT Law, Mobile Security etc.