Vulnerability Research 2018-06-20T12:23:51+00:00

VULNERABILITY RESEARCH

Nettitude has a dedicated and focused team of vulnerability researchers that work with our partners to identify security vulnerabilities in hardware and software devices.

We regularly identify vulnerabilities in applications, embedded devices and IOT technology. We have identified many unique zero-day vulnerabilities in a range of technology applications and platforms, and our team of researchers have been assigned many unique CVE numbers for their work. We work proactively with our clients to deliver focused research on a range of applications and systems with areas of speciality that include.

  • Web Applications

  • Mobile Application

  • Embedded Technology and IoT

  • Connected Vehicles

  • ICS and SCADA environments

  • Personal Security Products

  • Blockchain, Crypto Currency

Our team consists of experienced professionals, with deep understanding of fuzzing, reverse engineering and cryptography. Whether it is as a point in time activity, or as part of an ongoing security program, Nettitude’s security researchers are able to help.

Request a free quote

Vulnerability Research Methodology:

Are their any security weaknesses within your product?

1. Vulnerability Research

Proactively test and research weaknesses within the product from a white box perspective

1a: Fuzzing and Reverse Engineering

1b: Network & Protocol Analysis

1c: Cryptography

1d: Web Applications, API’s and Mobile Apps

1e: Hardware Analysis

2. Exploit Development

Develop usable exploit code targeting found vulnerabilities

Internal Programme

Our internal programme is focused around 6 core areas:

1. Virtualisation and endpoint security products
2. ATMs and financial payment products
3. Hardware Products (Firewalls, Routers, etc)

4. Internet of Things (IoT) inc phones, TV’s, home connected devices, etc
5. Vehicles and transport systems (inc cars, etc)
6. Web applications, APIs and mobile apps

Nettitude have also created many in house tools including implant malware/C2 frameworks for simulating sophisticated attacks in financial organisations and custom data loss intelligence tools.

Nettitude break vulnerability research into a number of further steps as shown below:

1. Vulnerability Research:

  • Fuzzing , reverse engineering and in depth security assessment

  • Monitoring and debugging

  • Cryptography Research

  • Hardware Teardown

  • Web Applications

  • Mobiles/API’s

  • Fuzzing , reverse engineering and in depth security assessment

  • Monitoring and debugging

  • Cryptography Research

  • Hardware Teardown

  • Web Applications

  • Mobiles/API’s

2. Recommendations & Reporting:

  • Management report, debrief and recommendations around best practice

  • Technical reports, vulnerability disclosure, debriefs and recommendations

For any vulnerabilities found, exploit code will be created to both demonstrate the vulnerabilities found and show the potential impact.