Tailored Consultancy Services
MDSec's consulting services are based around three core values:
Tracking and Resolution
An assessment's value is realised through resolution. We provide the information and tooling to aid in issue tracking, regression testing, and future QA processes.
Our assessments implement our own rigorous standards.
Adopting Standards & Integration
We adopt and/or help set standards for technical assessment. Our deliverables are designed to integrate with your security programme, supplying you with CVSS ratings, OWASP Top 10 breakdowns or working within your own vulnerability management process.
Our consultancy focuses on integrating with your security practices, building a cumulative understanding of your security and presenting you with
results you can take to your boss.
Note: Penetration Testing is often overused as a security control. If your penetration testing is turning up repetitive results, a more cost-effective solution is to train development or Quality Assurance teams to address issues closer to the source. Our BSIMM and OpenSAMM reviews can also help ensure that your security programme is balanced across other areas such as Policy, Standards, and Governance.