Security-Assessment.com
Advise - Assess - Assure


New Zealand
Tel.:+ 64 9 302 5093
Fax.:+ 64 9 302 5023
e-mail: nz@security-assessment.com
Leading Services
Research & Development
Security-Assessment.com is one of the world's leading IT Security research companies.

Our expertise is used by many of the world's leading companies, IT vendors, government agencies and the wider IT Security community.

Web Application and Penetration Security Testing
This testing is a highly specialised field of security and a requirement for meeting regulations such as PCI DSS, SOX and HIPAA.

It is also defined in industry standards such as ISO 17799 and ISO 27001 as an important security activity that organisations should undergo regularly.

PCI DSS Auditing and Services
Security-Assessment.com is a Qualified PCI Security Assessor and Auditor. We are also one of the first Qualified Payment Application Security Companies in the Asia Pacific region.

We provide our clients with the full suite of PCI services, from compliance advisory, quarterly scanning and yearly audits to payment application reviews.

CSAP
CSAP is our ongoing managed security services program that covers security assurance activities that all organizations need to undertake.

We deliver this within the bounds of a framework that provides our customers with a structured management view on security performance.
Vulnerability Management Services
Proactive vulnerability assessment and management is the most effective approach to detecting vulnerabilities in your network environment.

Patching has its place but you cannot rely on just patching. It won't cover "weak" builds and mis-configured systems. Firewalls and IDS/IPS won't stop fast-moving new worms and other malicious exploit code.

Free Network Scan
Trial PCI Scan

Other Services
  • Enterprise Security Assessments
  • Security Management Systems
  • Application Assurance
  • Network Architecture Reviews
  • Compliance Reviews (ISO27001/17799, SOX, PCI)
  • ACSI 33 and I-RAP Assessments
  • VOIP, Wireless and SCADA tests
  • Mobile Technologies and more...
News Highlights
Paul Craig to present at Hack In The Box (HITB) Malay 2008

Morgan Marquis-Boire talks about SCADA on the Risky Business podcast

Paul Craig to present at Defcon 16

Morgan Marquis-Boire to present at Defcon 16

Morgan Marquis-Boire to present at Shakacon

Morgan Marquis-Boire presents at Auscert

SA Advisories
Acrobat Distiller Malformed "joboptions" File

SugarCRM Local File Disclosure

Cart32 Arbitrary File Download

Multiple .NET Null Byte Injection Vulnerabilities
Latest Publications
BlackHat EU 08 - Crackstation

Kiwicon - Here Be Dragons: Hacking Non-IP Networks

Kiwicon - Intrusion Detection - This Is Not The Packet You Are Looking For

Information Security Industry Overview

Upcoming Events
August 8-10th 2008
Defcon 16

August 8-10th 2008
Hack In The Box Malay