Entertainment

WEBCAST:  Reducing your Software Application's Attack Surface

As companies that have historically written gaming applications bring their applications on-line, they are susceptible to new classes of security risks including identity theft, fraud, and piracy. Most entertainment applications were written for off-line, stand-alone use with non-web technologies.

Now, development teams have to manage all of the legacy security issues as well as the newly-introduced web vulnerabilities.  Equipped with the right security encryption and skill set, entertainment providers can create additional distribution channels and increase revenue streams by securely distributing digital content to mobile and consumer devices.

Consumer Electronics

Mobile networks offer advantages to content owners with their vast reach and the continued rate of adoption in the mobile world.  But they also increase the attack surface by spreading sensitive information over multiple platforms and allowing customers to connect to payment services "on the go"-  Many of which were never written with security in mind.  We help our consumer electronics clients examine their encryption and software licensing mechanisms to ensure that digital content is secured and to protect the revenue streams enabled by our mobile and networked world.   TeamMentor, our revolutionary secure development guidance system, provides just-in-time guidance to -each- development and IT team member as they build and deploy secure software systems.  TeamMentor provides secure development standards right out of the box and meets PCI-DSS requirement 6.5

Our low-level software testing, code analysis, and reverse engineering techniques complement our extensive threat modeling expertise. Threat Modeling is used to analyze business and technical risks in consumer electronic devices (CED's). Threat modeling of CED's allows us to identify new classes of risks and the seriousness thereof, while our application security awareness and writing secure code training and eLearning help organizations adopt new technologies securely.

Our broad experience expertise in non-web systems have enabled us to help some of the world's most notable consumer electronics vendors, including Sony, Ericcson, Samsung, Cisco, HP, Tivo, and Windows Mobile.

On-Line Gaming

Gaming Organizations need to protect the integrity of their customers' personal data while ensuring that gamers play by the rules of the game. Personal account information, profiles, and confidential data can be exposed by gaming software through session hijacking, cross-site scripting vulnerabilities, and other software flaws. Gamers can also add  functionality illegally and gain access to personal information on another users computer if the system is not designed properly. 

To hedge against these risks, regular assessments  need to be conducted to isolate vulnerabilities and develop a plan to reduce the risks they pose. New technologies such as AJAX make this even more important as a lot of processing is now done "behind the scenes" and deep analysis of an application is needed to discover vulnerabilities deep in the application's code.