Faq | Clarionics Inc.

We have over 20 years of industry experience dedicated to application and infrastructure security. Based on that knowledge, we constructed a number of services which are tailored to provide maximum value to our customers.

It is not a realistic expectation to have applications which do not contain bugs, but it is possible to minimize exposure to critical data accessed by them. In our experience, best place to dedicate your effort is to look at the security of your critical business systems and API's. Because they are unique to your business, only dedicated security vulnerability testing can help in minimizing exposure to acceptable level. In recent years vendors of operating systems and core network and application products are doing good job in minimizing security issues within their products, but it does not apply to custom business applications which need to be secured separately by applying sound development security standards and vulnerability testing.

The answer depends on the complexity of the application in question, engagement model and scope of testing. For simple web based business application with a few pages, entire process takes few days and for complex applications few weeks may be required to ensure sufficient coverage.

There is no guarantee that all security issues will be detected, vulnerability assessment will typically indicate the presence of security issues, but not their absence. However, we will do our best to make sure all significant security issues are detected and documented.

Frequently Asked Questions

Why should I use your security services?

What are the most critical application security components we should look at?

What is typical effort to perform vulnerability testing of business application?

Will business application be free of security issues after the assessment?