Product Analysis

VSR's product penetration tests help clients understand the impact that a third-party appliance or software product will have on the security of their network environment. Reviews can occur at any stage of a product's deployment, including during conceptual product design, product evaluation, preliminary roll outs, or after production deployment.

Our security professionals design and implement test plans based on the specific product and intended deployment scenarios. Test plans often cover several of the following areas:

During the remediation phase of an engagement, VSR's analysts often work with third-party product vendors to describe in detail any vulnerabilities identified in order to address the issues.

Apple iOS / OSX: Foundation NSXMLParser XXE Vulnerability

XML Schema, DTD, and Entity Attacks

IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to POA

Timothy D. Morgan presents No Crack Required: Cryptanalysis in Real-World Applications at OWASP AppSecUSA 2012.


Contact us by phone,
fax or e-mail:

Phone: 617.933.8919
Fax: 617.933.8920