In-depth whitebox penetration testing services identify design and implementation security weaknesses, and provide best practice guidance.
Tailored threat assessment services investigate and analyse technical threats, and advise on pragmatic countermeasures.
With world-class security expertise, our consultants work with your organisation on special projects to make sure security is built into each initiative.
An elttam Partner will work closely with you and leverage the full capabilities of the elttam team to ensure a successful project.
Independent security expertise expands the capability of your information security program, from strategy through to delivery.
A dedicated security specialist collaborates with your team, providing elastic security resources to meet your requirements.
elttam were engaged to develop a strategic, secure Software Development Lifecycle (SDLC) for a large global digital organisation. The organisation has hundreds of developers both onshore and offshore who create a range of software from common web applications through to low-level firmware code. The scope of elttam's work was to review the circumstances of all software development and recommend how to strategically incorporate security during software development and minimise application security risks.
elttam identified a number of key findings that significantly impacted existing application security and highlighted the urgent need to develop a strategic SDLC. elttam provided an in-depth analysis of the circumstances and root-cause of each finding, a secure SDLC maturity roadmap, and recommendations to address each finding. Ultimately, elttam helped the organization put in place a progressive application security function.
Since the engagement, the client has built a new specialised team. The organisation has had a significant cultural shift for managing security risks.
elttam were engaged to review a secure connectivity hardware solution to be used by important individuals who travel frequently. The scope of this work was to complete an independent security review of the solution, and to identify and report on technical weaknesses.
elttam assessed the security guarantees of the device, using hardware hacking and reverse engineering to survey its physical and logical attack vectors. The final deliverable was an assessment report, which consisted of a clear executive summary, in-depth attack scenario analysis, and writeups (including supporting code and reproduction instructions) for vulnerabilities identified in both hardware and software. A few of these findings were extreme or high risk.
Since this engagement, we are happy that the client has returned to us for subsequent hardware device hacking projects.