Security Assessment｜Software Testing｜QA Services

Key Features
Our Process
Case Studies

Key Features of Our Security Assessment

Partnering with GMO Cybersecurity by Ierae, Inc., a leader in vulnerability assessment with world-class analysis technology, we provide hybrid assessments combining manual and tool-based methods for Android apps, iOS apps, web applications, networks, IoT devices, and more.

By integrating product verification and vulnerability assessment into a seamless process, we centralize information management while ensuring superior quality and enhanced security levels concurrently.

Feature ❶

Highly Reliable Security

Feature ❷

Integrated Management of Verification and Assessment Schedules

Feature ❸

Cost Savings through Consolidated Verification and Assessment

Ready to enhance your process and product quality? Contact us today.

Our Services

Webアプリケーション脆弱性診断 — Web Application Vulnerability Assessment

Hybrid Assessments Combining Tools and Manual Methods
Proven Reliability and Security Backed by Over 5,000 Successful Assessments

Conduct assessments for web applications developed in Java, PHP, Perl, Ruby, and other programming languages
Simulate attacks via networks to identify vulnerabilities that could lead to unauthorized access, data breaches, or service abuse caused by issues in design, implementation, or logic (e.g., invalid input, request manipulation, or code injection)
Cover areas such as input/output processing, authentication and authorization, session management, web server configuration, and Web 2.0

iOS & Androidアプリ脆弱性診断 — iOS & Android App Vulnerability Assessment

Advanced Reverse Engineering for Both iOS and Android Apps Using Sophisticated Analysis Techniques
Windows and Mac Applications Are Also Supported

[Android App Assessment]

Check access restrictions in data-sharing features and inter-app communication
Assess WebView vulnerabilities
Protect against device data breaches
Verify obfuscation and stubbing (e.g., ensuring .NET source code is concealed in Unity-based programs)

[iOS App Assessment]

Verify log outputs and inter-app communication
Assess WebView vulnerabilities
Protect against attacks utilizing iFunbox
Check obfuscation and stubbing (e.g., ensuring .NET source code is concealed in Unity-based programs)

Identify Risks with Minimal Impact on Server OS and Services

Assess servers providing network-based services such as DNS servers, mail servers, and directory servers
Evaluate network devices including routers, firewalls, and VPN equipment

IoT機器脆弱性診断 — IoT Device Vulnerability Assessment

Manual Diagnosis of Security Issues in IoT Devices

Protocol Assessment: Perform tests based on device-specific protocols, such as sending abnormal requests or attempting to bypass authorization, to identify behaviors exploitable by attackers.
DoS Testing: Send abnormal and excessive requests to devices to assess if their operation is disrupted.
Firmware Testing: Examine firmware update files and processes to check whether confidential logic or keys can be analyzed or if unauthorized uploads (e.g., modified firmware) can be applied.
Other Assessments: Investigate whether attacks leveraging device characteristics exist.

Ready to enhance your process and product quality? Contact us today.

Our Process

STEP 1

Initial Consultation

Confirm the outline of your requirements and requests, and ask you to complete the “Assessment Request Form.”
STEP 2

Quotation

Based on the plan and scale of the assessment, provide either an approximate or formal quotation.
STEP 3

Contract

Adjust the assessment schedule, secure resources, and request the submission of a purchase order.
STEP 4

Assessment

If high-priority vulnerabilities are detected, provide an urgent alert notification based on the agreed plan.
STEP 5

Report Delivery

If necessary, conduct a re-assessment and re-deliver the report.