Overview of Our Technical Process – E.D.I.T.E

Automated Testing – Proprietary, Open-Source & Commercial Tools

  •  Information gathering modules identify the network architecture, operating systems, relationships and platforms.
  •  Internal intelligence engine selects ideal tools for the target, which includes proprietary, open-source and commercial tools.
  •  Data from various tools is collected, streamlined, cross-referenced and stored into the internal testing database.

Manual Testing – Network Mapping and Logic Testing

  •  Detailed network map is created along with key assets, relationships, dependencies and interconnections.
  •  Each device is thoroughly enumerated for services, versions and configurations.
  •  Expert consultants create test cases and attack scenarios based on business priorities.
  •  Manual exploitation, probing along with specialized tools help auditors identify key vulnerabilities.

Integration – Data Correlation and Cross-Referencing

  •  Data from automated and manual testing is cross-referenced and correlated to establish a final list of issues.
  •  Data is referenced from public & private sources to build rich issue profiles.
  •  Expert auditors analyze the data and extract any key details that may not have been picked up automatically.

Reporting – Custom Developed with Detailed Fix Information

  •  Experts manually document details, descriptions, proof of concepts and references specific to your web-applications.
  •  Each module is thoroughly analyzed and reverse engineered to identify files, folders and parameters.
  •  Step by step POCs and fix information helps your teams understand issues.

Security Brigade a CERT-In empanelled founded on the core belief that "Great audits are done by great auditors - not expensive tools". Our proprietary E.D.I.T.E platform provides a workflow based testing engine that encapsulates the complete audit process. It allows expert auditors to focus on in-depth manual testing while assisted by a combination of proprietary, open-source and commercial technology.