Engagement Expectations:

A product assessment is a detailed analysis of a security product or the security components of a product. The assessment verifies vendor claims, tests the product in different configurations, and ensures that the product performs as intended. An assessment for a company developing software might include source code review, thorough testing of security mechanisms, and determining if there are ways to circumvent the security features of the product.

Why Have a Product Assessment Performed?
Whether your company is buying or producing products, the security components of these products are a determining factor in the overall security of your company. If you're buying a product, the strength of the implementation and the ease of configuration can determine if your company is secure or a hacker's playground. If you're selling a product, an independent assessment provides added value for your customers.
If your company is buying a security product, you may have concerns about how well the product protects your company infrastructure. Is your company made more vulnerable by using the product? How will the addition of the product affect your company's enterprise security posture?
If your company is producing products, your concern is threefold. How would a flaw affect:

  • Your company?
  • Your customers or users?
  • The public?

Does your reputation require the product to be secure during the product release? Will a third-party assessment of your product's security provide a competitive sales advantage?

Product Assessment Methodology:
See Security can evaluate a product to ensure that it meets vendor claims, contains no known vulnerabilities, and does not contain design or implementation flaws.
The team at See Security has evaluated intrusion detection systems, firewalls, Web servers, biometric devices, smart card products, executable content (Java/ActiveX) filters, and specific applications for secure government systems. We have also produced configuration guidance for these same types of systems.
See Security will have an initial kick-off meeting with the client to determine the goals of the project. Appropriate product assessment goals will balance the client's enterprise security posture or the client's product revenue opportunity with the risk that a vulnerability exists in the product. Our analysis team will work on-site or in our lab space to achieve those goals. See Security will immediately report any significant findings to your company before our final report. Keeping our clients informed during the engagement lets them make timely and appropriate decisions to consider a different product or redesign the product. Our final report will give an overview of the product features, list vendor claims that were validated, show test results for known vulnerabilities, and describe the results of our advanced vulnerability testing. We can custom-tailor engagements to include source code review or other engineering to meet a client's specific requirements.