Ebryx provides security services in the following areas:
For companies developing anti-malware products we provide malware research services to help identify new malware and its signatures, devise countermeasures and assess the effectiveness of the countermeasures. Our services include analysis of traffic captures from live networks and utilization of specialized tools to detect anomalies.
We help technology companies develop anti-malware products and provide testing services to help test the effectiveness of such products. Security software development and testing is one of our key offerings. We have had experience with state-of-the-art technologies and category-leading products in this domain.
Custom-developed and off-the-shelf software both are often not designed with security in mind. Developers focus on providing functionality and often overlook important security measures in designing network interaction. This leaves servers open to various kinds of attacks including denial of service and man in the middle attacks causing unauthorized use of service, retrieval of sensitive information and service outages.
Applications serving clients outside the corporate firewall are particularly vulnerable to such attacks as network message exchanges are easily observable by outsiders. Web based clients accessing servers with custom network protocols through applets are an important example.
Attacks from within the corporate network are also not uncommon. Malware can become resident on the network through a variety of mechanisms and attack network based services not exposed beyond the intranet. Spreading of worms through legitimate network applications is an example.
Ebryx provides services to help analyze network protocols and message exchanges by observing network traffic on the wire. Through our analysis and penetration testing we can identify vulnerabilities and help assess potential damage these can cause.
Once a vulnerability is identified, Ebryx clients can ask their software providers to address the issues. In many cases Ebryx can also provide elements that can be introduced between the client and the server to improve security and remove the identified vulnerabilities. This enables Ebryx clients to fix their security issues with minimal dependency on their software providers.
Many security issues emerge from the way source code is written. As a developer writes code, he may make errors that a malicious attacker can exploit to take control of the software. Software written for mission critical services or for extremely sensitive environments where any security vulnerability can potentially result in substantial losses to the business should be carefully inspected for such issues. This again is often overlooked in typical software development life cycles. Code written in C/C++ and code written for Web browsers and Web servers is particularly prone to attack. Ebryx offers code inspection services to help identify source code vulnerabilities and, if required by our clients, to remove the identified vulnerabilities.