• Home
• Services
• Approach
• Portfolio

• Blog
• Company
• Contact
• Join Our Team

TechSmart’s proprietary, structured methodologies promote a results-driven approach that enable higher quality customer service. Our client-centric methodology enables us to deliver superior solutions that can better meet your company’s budget, timeline, business needs, and strategic goals.

TSAssessor: Application Security Assessment Methodology Overview

Phase I

Exploration

• Inventory applications and understand application architecture
• Identify sensitive company assets and customer data
• Determine initial, potential security risks and vulnerabilities

Phase II

Risk Analysis

• Evaluate security and vendor best practices
• Assess system interoperability, dependency and availability
• Identify potential attack-surface
• Produce full risk assessment via threat modeling techniques

Phase IV

Auditing & Penetration Testing

• Perform security code review
• Exploit application to gain access to systems, code or underlying data
• Execute thorough vulnerability testing of applications through manual and automated attack methods

Phase III

Policies, Procedures & Recommendations

• Perform analysis of internal development and QA processes
• Establish application development best practices to enable more secure future development
• Recommend secure policies and procedures
• Analyze all testing inputs and prepare strategic report indicating current state of applications assessed

• TechSmart CustomWeb
• TechSmart Assessor