ADDSecure.Net
ADDSecure.Net Inc. (formerly CSCI Computer Security Canada
Inc.) is an independent and impartial company that provides
highly efficient and reasonably priced security audit services
for Internet/Extranet servers and workstations. ADD in our name
stands for Audit and Due Diligence.
Operating world-wide, ADDSecure.Net Inc. assists governments
and industry in protecting their corporate image, intellectual
assets, privacy of personal and proprietary data entrusted to
them by their clients and employees, and investments in
electronic commerce solutions. Our ADDSecure.Net and
appSQA services to audit Web and code security are offered
to corporations, government agencies and financial institutions
that must maintain sensitive data on their servers and networks.
Our Web Site
ADDSecure.Net Inc. Web site (http://www.ADDSecure.net)
includes extensive information on online security breaches, and
cutting-edge journal and discussion forum featuring the latest
developments in ecommerce security.
Company Details
Year Established:
1997
Number of Employees:
10
Company Information
Nahum Goldmann
Title:
Data Provider
Telephone:
(613) 733-4135
Email:
Click Here
Services
Addsecure.Net Audit
Appsqa Source Code Audit
appSQA Source Code Audit, a service offered by
ADDSecure.Net Inc., provides program testing and code
inspection of Internet applications to uncover security and
quality
assurance flaws. This original service is being offered
worldwide to developers, system integraters and users of
mission- critical Internet, intranet and Extranet applications.
To
corporations that are concerned with the security of their
online
services, appSQA provides the best line of defense when
implementing ecommerce, Internet banking and transactional
delivery of administrative services.
The appSQA service includes program security testing and a
thorough review of programming source code for Internet/ Web
applications written in programming languages such as Perl, C,
C++, Visual Basic or Java. Taking into account the known
security risks for a particular platform and the latest security
patches, our professional code auditors implement a series of
tests on the program to locate any security weakness or breach
of
corporate security policy within the application.
The auditors perform a line-by-line inspection of the
programming source code to identify new problems relating to
security. In addition, they look for any malicious code that
employs helper programs on a user's hard disk to access
unauthorized files and deliver them to the application's author.
Once the testing and code inspection phases are completed, the
auditors generate a comprehensive, easy-to-read report detailing
the code deficiencies uncovered in the analysis. If warranted,
some suggestions on the ways to remedy the problems might be
included in the report.
The appSQA service only checks for flaws in programming
which may lead to security breaches. It does not involve any
quality assurance testing for program functionality or
presentation. In other words, we will only test your program to
see if it violates system integrity, not to see if it performs
correctly.
This powerful audit service has been developed in response to
numerous requests from ADDSecure.Net Inc. clients. There is a
growing concern for web transaction security, particularly in
light
of numerous security breaches that occur even to high-profile
industry, banking, military and government Web sites (e.g., see
http://www.ADDSecure.net/breach.htm). With the increased
sophistication of hackers and the proliferation of intrusion
attempts on a global scale, along with the rising competitive
pressure to provide interactive services through the Internet,
public agencies and private corporations need to ensure that the
integrity of their data, and that of their customer's, is well
preserved.
The price of appSQA service depends on many factors, such as
the operating system used, the complexity of programming
language, the programming culture and QA control of the
development team. The exact price for the appSQA project can
only be obtained if at least a 300-line sample code has been
submitted to ADDSecure.Net. But generally our charge for such
work starts from US$5 per line of code. A minimal charge might
apply.
To order appSQA service or for more information, please fill
out an Order Form or email us: sales@ADDSecure.Net.
Snapshot Security Review
SNAPShot is a 'minimum hassle' US$1650 (US$1500 if
ordered online) Security Review that reports whether the
network is vulnerable to the prevailing types of threats. This
simple but powerful service has been developed in response to
numerous requests from our clients and could become an integral
part of their ongoing corporate Quality Assurance process. It is
being offered world-wide to corporations, government agencies
and financial institutions that must maintain sensitive data on
their Web sites.
Whether you are a Bank President, wishing to assure yourself
that your organization's environment is secure, a CIO after
having had implemented a new network configuration, a CFO
ensuring that due diligence has been exercised and hence
corporate liability is minimized, or a Webmaster after making
changes to your site -- SNAPShot Security review provides an
excellent low cost alternative to frequent audits, to assure
ongoing 'peace of mind'.
Network and Web site security auditing is only as good as its
most recent vulnerability test. Hence we made SNAPShot a
completely automated service that can only be activated by
client's request submitted through Internet -- upon verification
of
registration, payment and the authenticity of the client's
identity
-- and as often as the client wishes. As a result of the
security
review, clients get clear evidence whether their networks are
vulnerable to external intrusion.
SNAPShot encompasses a well-focused set of Internet security
tests that concentrate on the most frequent vulnerabilities
typically exploited by hackers. The tests include:
Probing of all tcp/udp/icmp ports for active services;
Verification of Domain Registration Records;
Domain Name Service (DNS) security test;
Fully Qualified Domain Name (forward and reverse)
validation;
Vulnerability exposure tests are conducted using powerful
Internet auditing tools developed by ADDSecure.Net Inc., as
well as with commercial probes optimized for the operational
environment used by service clients.
Knowing that many leading media services currently lack
adequate Internet defences, and are high profile targets to
hackers, ADDSecure.Net Inc. has announced a special free offer
(valid until September 1, 1998, certain restrictions might
apply)
to test Web sites that belong to newspapers, magazines,
television and other mass communication enterprises and that are
actively used for information dissemination through Internet.
Each participating media outlet will be entitled to a free
SNAPShot QA Audit, providing it fill the SNAPShot Order
Form (see http://www.ADDSecure.net/cgi-bin/order.pl, and
identify itself as a member of the media in the window
'Questions/Other relevant information'.
Many executives do not fully realize how much data within their
area of responsibility are accessible by penetrating the
corporate
Web. Well-publicized cases of altering government homepages
(i.e., see http://www.ADDSecure.net/breach.htm) prove that no
one is immune from hackers located far away or within the
organization. Just as with financial audits, you cannot rely
entirely on the tests done by the vendors of security solutions,
and you do need to see results of security reviews and audits
conducted by independent professionals.
Some of our clients have already found the hard way that hiring
real hackers to check corporate defences might be imprudent at
the best. What they are looking for is an independent and
ethical
audit team that has the persistence and adroitness of hackers
but
that also possesses the professionalism and undisputed integrity
of industry security leaders. SNAPShot services have been
built around this growing demand and provide our world-wide
clients with badly needed vulnerability exposure service.
To order SNAPShot services please fill the form.