"We use a risk-based approach, grounded in both the system’s architectural reality and the attacker’s mindset"
Scope
- The product is analyzed to gain an understanding of its functionality.
- Knowledge about the platform (both hardware and software) on which the product/software runs is gathered.
Planning
- Based on the gathered information, a product test framework for execution is articulated.
- Resources required in terms of tools and manpower are identified.
- The sequence and process of the security assessment are defined.
Pre-installation Assessment
- An initial security assessment of the product’s installation package is performed by way of reverse engineering, etc.
- Existing loopholes and/or backdoors in the product’s installation package are identified.
Post Installation Assessment
- Product is installed on the test environment.
- Registry entries, modifications to DLLs and other system files, and files copied onto the disk are identified and analyzed.
- The behavior of the product with respect to the system and the network is monitored.
- A post-installation security assessment is carried out by reverse engineering the installed package.
- Network packet and bandwidth usage while the product is in use are monitored and analyzed.
- The behavior of the product is observed against a checklist prepared from the features of the product given by the vendor.
Uninstallation
- Checks are performed to identify any traces left behind by the uninstalled product.
- Investigation is done to check whether all the modifications made to system files and/or DLLs, registry, etc. are restored.
- Checks are carried out to identify whether the product, even after uninstallation, is trying to perform any malicious activity.
Analysis and Reporting
- Findings are analyzed and consolidated, general conclusions and recommendations are extracted, and these are reported in an ‘easily understandable’ format.