FIME works in partnership with its clients to address information system security requirements from initial set-up and throughout development and integration. Our offer includes:
- Risk analysis - applying a vulnerability analysis methodology to search for applicable threats and assess corresponding risks using probability of occurrence or feasibility and impact assessment.
- Security requirements writing - identifying the applicable security requirements to be met in order to mitigate the identified risks.
- Product design review - searching for vulnerabilities at early stage of development in the product/system paper design/specifications through analysis by a security expert.
- Source code review -searching for vulnerabilities in the source code at the end of development using tools and security expertise – also includes cryptographic mechanisms validation.
- Vulnerability analysis - includes product design review and source code review in order to identify any exploitable vulnerability in the product/system and prepare, if needed, a penetration testing plan.
- Security audit / penetration testing - performing the corresponding security audit on security procedures and penetration testing on the product/system.
FIME can also support you through to compliance with PCI DSS requirements, including a pre-assessment gap analysis resulting in an action plan, follow-up and support services and penetration testing in order to assess the resistance of your information system to prepare you for the official compliance audit.