
Key Features and Differentiators

Multi-Platform Reverse Engineering, File System & API Monitoring
Customized emulator framework facilitates reverse engineering and low level application analysis.
In-depth study of communication protocol, encryption, compression, etc.

Detailed Fix Information with Source Code Examples
Detailed information is provided on how to fix issues in your specific development language, framework and platform.
Step by step instructions, POCs & examples are given for your applications & platforms.

E.D.I.T.E Intelligently Selects the Ideal Tools
Selects tools based on target frameworks, platforms, applications and versions.
Ensures that the ideal combination of tools is intelligently selected and run for each individual target.

Integrated Proprietary, Open-Source and Commercial Tools
Unique combination of tools delivers ideal balance between security, efficiency and cost.
Tool output is cross-referenced, correlated and fed to manual auditors for review & analysis.

Expert Led Test-Case Driven Approach
Experts create test cases specific to your business concerns, priorities and pain areas.
Our large internal test case database is referenced based on various identifiers.

Identify Design & Logic Vulnerabilities
Our expert driven mapping and test case based approach identifies design & logic issues in your applications.
Such issues generally have a high business impact & cannot be found through automated scans.

Mobile Application Penetration Testing
Secure mobile applications from technical and business logic issues. Get actionable fixes.

Our Mobile Application Penetration Testing service leverages application mapping, reverse engineering and proprietary tools to identify business logic and technical vulnerabilities in your mobile applications.

Many of the risks associated with mobile applications are similar to those of web applications, such as user authentication, data security, data in transit, etc. Our core focus lies not only in identifying technical vulnerabilities but also in identifying key issues related to application permission and data flow.

Our in-house developed E.D.I.T.E framework takes our experienced consultants through a well-defined testing workflow that intelligently automates repeatable tasks while enabling auditors to efficiently carry out thorough manual testing.

Challenge Solution Matrix

Your Challenges
Developers cannot fix issues.
We are still vulnerable after several audits.
We need to meet Compliance mandates.
We want to prevent leakage of sensitive customer information like credit card details.
How do we prevent user account hijack?

Our Solutions
Detailed recommendations with source-code examples in your development language.
Re-testing of vulnerabilities till closure is a complimentary part of our service.
Our experts help your team understand and fix issues.
Our testing guidelines meet the requirements set by most compliance standards.
We help you identify and prevent sensitive data leakage like credit card details, location, owner id information etc.
Identify sensitive data transmission over unencrypted channel

Key Benefits
Quick turn-around time for fixed release.
All issues are closed thoroughly.
Meet the requirements of compliance standards.
Your applications are tested thoroughly for both technical and logic issues.
Helps you to prevent data leakage through interception

Deliverables
Executive Presentation, Excel Fix Tracker, Detailed Technical Report

Compliance & Testing Standards

High level summary of issues
Key metrics and analysis
Impact and root cause analysis
Action items for remediation
Detailed proof of concepts
Fix information with source code and configuration examples
Specific to your application
Track fix status of issues
Manage timelines for fix
Manage responsibilities for fix
Summary of action items

Overview of Our Technical Process - E.D.I.T.E

1 Automated Testing: Proprietary, Open-Source & Commercial Tools
a) Customized emulator framework identifies the application frameworks, dependencies and components.
b) File system and network analysis analyzes and maps application activity and protocols.
c) Internal intelligence engine selects ideal tools for the target, which includes proprietary, open-source and commercial tools.
d) Data from various tools is collected, streamlined, cross-referenced and stored into the internal testing database.

2 Manual Testing: Network Mapping and Logic Testing
a) Applications are divided into core modules and functional areas.
b) Data flow between components is mapped along with their logical relationships.
c) Application is reverse engineered to understand its internal functioning.
d) Expert consultants create test cases based on business concerns, pain areas and potential abuse scenarios.

3 Integration: Data Correlation and Cross-Referencing
a) Data from automated and manual testing is cross-referenced and correlated to establish a final list of issues.
b) Data is referenced from public & private sources to build rich issue profiles.
c) Expert auditors analyze the data and extract any key details that may not have been picked up automatically.

4 Reporting: Custom Developed with Detailed Fix Information
a) Experts manually document details, descriptions, proof of concepts and references specific to your applications.
b) Source code and configuration fixes for each issue are provided specific to your environment.
c) Step by step POCs and fix details help your team understand issues.

Process Comparison
Traditional Process Used by Most Firms
In-Depth Process Used by Cyber Alpha Security

Automated Testing
Automated scanners to find technical issues
Combination of in-house developed proprietary, open-source and commercial tools
Tools are intelligently selected depending on your target infrastructure
Manual verification of all issues
No false positives

Manual Testing
Mapping of business logic, data flow and workflow
Reverse engineering of web application functionality
Test cases specific to business priorities and pain areas
Identification of design and logic vulnerabilities
Impact analysis through exploitation and propagation

Integration
Correlation of data from multiple tools and sources
Reference issues against private and exclusive vulnerability sources

Reporting
Custom developed report specific for your applications
Detailed fix information for your specific platforms
Source code examples for fixes in your development languages and frameworks
Detailed proof of concepts with thorough explanations

Feature Comparison (table columns: Feature, Standard Audit, Premium Audit, Generic Vendors)

Amsterdam, The Netherlands
Veembroederhof 281
1019HD Amsterdam
Tel: +31-20-511-2466
info@cyberalphasecurity.com

Chennai, India
RMZ Millenia Business Park
Phase 2, 6th Floor
Tel: +91-44-6691-5315
info@cyberalphasecurity.com
