TECHNICAL DUE DILIGENCE

As a CISO, prior or during purchase or integration of a new application/software/IT product in your company, you would like to check:

the security properties level (respect of the editor’s promise)
the absence of vulnerability introduced
the absence of malicious function(s)

As an Investment Fund (VC) or an Entrepreneur, you would like to assess the security level of an application/product or a service during a Merger/Acquisition project of a software or product provider.

Main challenges

Performing these in-depth and necessary assessment can be made very difficult for stakeholders, due to lack of tools, skills or services drawbacks:

the lack of in-house expertise for advanced software, in particular for network products or anti-virus software
the budget at your disposal is often too low to address the complexity of the software to be analyzed
CSPN certifications of security products offer a useful framework but are sometimes unsuitable for certain needs or types of products or when you would like to avoid imposing a formalism / when you are running out of time.

Our solutions

Get support from a multidisciplinary team of experts (ANSSI ITSEF certified) covering:

the various operating systems and platforms on the market
desktop or mobile environments
a wide range of products or applications, including cryptographic libraries

When your constraints are strong (time/resources), we will conduct CSPN-type evaluations, relieving you of heavy procedures and of inherent certification formalism.

To access the main works realized by our teams: visit our blog

TECHNICAL DUE DILIGENCE

Main challenges

Our solutions

Solutions

Company

Société

Documents

Documentation