Services

If you think that your website has little or no interest for cybercriminals - think again. As security vendor McAfee has revealed, 49 per cent of US and Europe based online businesses experienced a security incident in 2008.

Almost every second business lost an average of $35,000 in revenue, plus had to spend an average of $50,000 to fix the problem.

Prevention is the only protection against data security risks or 'hacking'. We offer a tiered range of services to suit all business types and sizes, across all industries.

 

Companies with no in-house IT presence can rely on BLACKHAT Solutions for a full service from risk detection to elimination, while many IT development companies use our detection services to check risks and carry out our recommended solutions themselves.

 

All services BLACKHAT Solutions provide are of the highest industry standard. We cross-reference several techniques including Open Web Application Security Project (OWASP) guides to discover all possible threats to your system.

 

Our main areas of expertise are:

Analysis, architecture, authentication, access Control, data validation, error handling, data privacy and safety, cryptography and session management and others.

 

AUDIT

  • Security analysis of database and data storage systems
  • Design and implementation of various protection plans and techniques within databases and data storage systems
  • Data flow analysis with proactive penetration testing (simulated DoS) on data storage systems and database servers
  • Software and hardware fault tolerance testing and analysis
  • Data transport layer protocols analysis
  • Application layer protocols analysis
  • Designing optimization methods for application layer protocols
  • Application testing and source code review
  • Back-end and front-end extensive testing
  • Identification and analysis of previously known and new web application vulnerabilities
  • Exploit analysis: SQL Injection, Shellcode, Backdoor injection - modules, forums, search etc, Cross Site Scripting(XSS), Cross Site Request Forgery(XSRF), Automated injection (bots, scripts), Google hacking, Remote injection, Token Analysis, Password cracking (brute force+dictionary), Session hi-jacking(Authentication and Authorization bypass) vulnerabilities identifications and analysis

 

DEPLOYMENT & MANAGEMENT

  • Installation and configuration of data storage systems
  • Installation and configuration of DBMS
  • Configuration of software/hardware applications, data input methods and data storage
  • SCADA system configuration
  • Router, firewall and other network components security configuration
  • 99.9% secure hosting options

 

 

IMPROVEMENT & DEVELOPMENT

  • Secure data storage management system development
  • Secure communication solutions (VoIP, L2TP)
  • Server based fraud detection system development
  • Sophisticated DDoS protection
  • Development of digital document workflow tools within company structure
  • Secure custom CMS design and development
  • LAN/WAN security scanner tool development (OS service level)
  • Custom data protection tool development based on PGP 

 

In Detail