Vulnerability research : Assess security
System vulnerability research is a complex task that calls for a real strategy. Do you have the source code? What external libraries or other dependencies are targeted? What would be the most effective fuzzing approach? What's the most intelligent way to apply this with other techniques? What is the hardware attack surface? Which components and communication ports are in use?
So you need the right tools and the right know-how, but even that's not enough. Nowadays, with code everywhere and updates frequent, vulnerability research is a slow process.
At Quarkslab, we see automation, scaling and tooling as the keys to vulnerability research today, in addition to specific skills. And we build on in-depth knowledge, acquired through extensive experience, to provide you with these keys.
- Express assessment
- CSPN first-level security certification
- Product security assessment
- Detection of software and hardware vulnerabilities
- Identification of bugs in firmware, boot loaders, parsers, browsers, etc.
- Identification of hardware architecture weaknesses
- Detailed monitoring strategy
- Code developed to trigger or utilize bugs
- Methodology to perform low cost hardware attacks