Dynamic
Also known as an application security assessments (“ASA”), dynamic assessment, or application penetration test, this assessment evaluates the existing security controls that protect an application within its intended environment. Most commonly performed against web applications, but also against mobile, cloud, and API-only applications.
Static
An open box assessment, static code assesssment, or secure code reviews (“SCR”) is designed to help a Client’s development team build more secure software. This assessment may use both automated tools and manual techniques to identify vulnerabilities and does not require access to client environments.
Hybrid
Also known as a Hybrid Application Security Assessment (“HASA”) or source-assisted assessment, this assessment combines the techniques used in dynamic and static assessments. This combination of knowledge provides a more complete view of the running application, with the main benefit of eliminating false positives.
Training
Redpoint consultants use their years of security and development experience to tailor training courses for software developers. Each course features custom-developed, intentionally vulnerable applications to demonstrate the exploitation and remediation of vulnerabilities. These courses take a hands-on, real world approach.