You are here
Securing your applications
Securing your applications
In the landscape of cyber-threats, “web application attacks” are ranked third according to the “2017 ENISA Threat Landscape Report”. Not only are these attacks increasingly frequent, but they can also lead to disastrous consequences: massive data leaks, fraudulent transactions or damage to reputation.
Pushing the security of your web applications to one side is no longer an option. Application security is essential and this is where you can rely Approach's core expertise.
Our approach: securing the full stack
To protect web applications, companies will often only focus on penetration-testing, i.e. making an assessment of the security of your applications after the fact, whereas advance security checks are of major importance.
We therefore strongly advise our customers to include security controls in their Software Development Life-Cycle (Secure SDLC). We offer a uniquely comprehensive but pragmatic approach, considering every layer in the application stack and fully integrating security as part of your SDLC (non-exhaustive):
- Assess security threats and risks to business applications
- Integrate security into application requirements
- Secure development environments, practices and coding techniques
- System hardening of web, application and database servers
- Select, configure and manage a Web Application Firewall (WAF)
- Train and coach IT Staff on security issues
- Security Watch & Vulnerability Management
- Cover compliance and certification needs (e.g. PCI-DSS, GDPR, ISAE, SysTrust, WebTrust, ETSI, HIPAA, etc.)
- Secure decommissioning of obsolete applications
The major advantages of our integrated approach can be summarised as follows:
- All aspects of security are covered, which ensures that there are no grey areas to create a security hole
- As the approach is logically integrated, the total time & money investment is highly optimised (ROI)
- Because we align development, infrastructure and operations parties, malfunctions due to security settings, rules and limitations are significantly reduced, thereby increasing the availability of services
Approach can help your organisation to protect its applications totally and sustainably by:
- Assessing the current level of security of your environments, by performing penetration testing, reviewing your architecture, assessing the current risk of your business applications or assessing your technical landscape.
- Training people about security
- Assisting in securing your environments.
- Assisting in controlling the relationship with third-party suppliers.
- Watching and reporting on security and the development of threats.
“Edenred takes privacy of its customers and employees very seriously. In Approach we found an ideal partner to help us assess our maturity level against the General Data Protection Regulation, establish and drive a roadmap with the objective to meet our compliance obligations.” Koen Reyniers, COO BENELUX EDENRED
"The Approach WAF solution is protecting our key eBanking applications already for some years. The tailor-made solution meets our needs and it follows the technological evolutions (API, cloud, ...). The high security level of the solution combined with the responsive support team makes this a solid and effective service." Mathieu Desmet, CIO CPH Bank
" Approach is providing us with their solution as managed service since 2007. The low cost adapted to a start-up was the key decision factor, but the very high availability we had during huge attacks proved the maturity of the product. It smoothly supported our migrations over the years (development frameworks, cloud infrastructure, ...), without being distracted by security concerns and technical issues. " Frederic Tais, ATLAS Expat Operations Manager
Publications & events
Published on 12 October 2018
How do you deal with low risk level vulnerabilities ?
Nothing should be left behind when speaking in terms of security... A story by David Bloom, Cyber-Security Consultant at Approach.
Mechelen - Lamot Congres (1 day )
Approach at the Belgian Cyber Security Convention
Our cyber-security experts will organise an interactive game "How I hacked a folder". Be one of the actor of this...
Axis Parc (4 hours)
WAF open forum: is the technology mature?
Isaca Belgium and Approach are pleased to welcome you to the open forum " Web Application Firewalls: is the technology mature" ...
Published on 04 September 2018
How I hacked a cheap IoT and how it could have been prevented
As a cyber-security company, we regularly create internal contests. The latest one was focusing on the hacking of an IoT application.
Published on 05 June 2018
Approach is recruiting IT Security experts
The Waldorado team from RTL TVI visited us to know more about our activites and the profiles we are recruiting. Watch the movie !
Namur Expo (1 day )
Approach at ICT Infrastructure Namur
Meet us during ICT Infrastructure Exhibition on May 31st.
Published on 04 April 2018
Rise of DDoS Amplification Attacks
Since the end of February 2018, we’ve seen a rise of DDoS Amplification attacks, with in some case more than 1Tbps of traffic generated. ...
Published on 21 March 2018
Data News Award Excellence 2018 - Approach nominations
Approach is nominated twice for the Data News Awards for Excellence 2018: Cyber-security Innovator & Scale-up Company. Why voting for...
Published on 26 February 2018
Can we really trust an antivirus when it comes to unknown threats?
Approach CSIRT Team reproduced a similar attack in its lab ...
Brussels Expo (2 days)
Approach at Infosecurity
Meet our experts to discuss about your cyber-security challenges and attend our session "the advent of mobile digital identity" at...
Published on 14 December 2017
Approach service offering and mission - brochure
We enable our customers to succeed by delivering state‑of‑the‑art solutions to cyber‑security challenges.
Published on 14 December 2017
Approach acquires Software Development company TInSys
Approach is to take over TInSys (Total Integration Systems), a Belgian medium sized software development company, specialising in mobile apps...