You are here
Securing your applications
Securing your applications
In the landscape of cyber-threats, “web application attacks” are ranked third according to the “2017 ENISA Threat Landscape Report”. Not only are these attacks increasingly frequent, but they can also lead to disastrous consequences: massive data leaks, fraudulent transactions or damage to reputation.
Pushing the security of your web applications to one side is no longer an option. Application security is essential and this is where you can rely Approach's core expertise.
Our approach: securing the full stack
To protect web applications, companies will often only focus on penetration-testing, i.e. making an assessment of the security of your applications after the fact, whereas advance security checks are of major importance.
We therefore strongly advise our customers to include security controls in their Software Development Life-Cycle (Secure SDLC). We offer a uniquely comprehensive but pragmatic approach, considering every layer in the application stack and fully integrating security as part of your SDLC (non-exhaustive):
- Assess security threats and risks to business applications
- Integrate security into application requirements
- Secure development environments, practices and coding techniques
- System hardening of web, application and database servers
- Select, configure and manage a Web Application Firewall (WAF)
- Train and coach IT Staff on security issues
- Security Watch & Vulnerability Management
- Cover compliance and certification needs (e.g. PCI-DSS, GDPR, ISAE, SysTrust, WebTrust, ETSI, HIPAA, etc.)
- Secure decommissioning of obsolete applications
The major advantages of our integrated approach can be summarised as follows:
- All aspects of security are covered, which ensures that there are no grey areas to create a security hole
- As the approach is logically integrated, the total time & money investment is highly optimised (ROI)
- Because we align development, infrastructure and operations parties, malfunctions due to security settings, rules and limitations are significantly reduced, thereby increasing the availability of services
Approach can help your organisation to protect its applications totally and sustainably by:
- Assessing the current level of security of your environments, by performing penetration testing, reviewing your architecture, assessing the current risk of your business applications or assessing your technical landscape.
- Training people about security
- Assisting in securing your environments.
- Assisting in controlling the relationship with third-party suppliers.
- Watching and reporting on security and the development of threats.
“Edenred takes privacy of its customers and employees very seriously. In Approach we found an ideal partner to help us assess our maturity level against the General Data Protection Regulation, establish and drive a roadmap with the objective to meet our compliance obligations.” Koen Reyniers, COO BENELUX EDENRED
"The Approach WAF solution is protecting our key eBanking applications already for some years. The tailor-made solution meets our needs and it follows the technological evolutions (API, cloud, ...). The high security level of the solution combined with the responsive support team makes this a solid and effective service." Mathieu Desmet, CIO CPH Bank
" Approach is providing us with their solution as managed service since 2007. The low cost adapted to a start-up was the key decision factor, but the very high availability we had during huge attacks proved the maturity of the product. It smoothly supported our migrations over the years (development frameworks, cloud infrastructure, ...), without being distracted by security concerns and technical issues. " Frederic Tais, ATLAS Expat Operations Manager
Publications & events
Published on 26 February 2018
Can we really trust an antivirus when it comes to unknown threats?
Approach CSIRT Team reproduced a similar attack in its lab ...
Published on 04 April 2018
Rise of DDoS Amplification Attacks
Since the end of February 2018, we’ve seen a rise of DDoS Amplification attacks, with in some case more than 1Tbps of traffic generated. ...
Published on 05 June 2018
Approach is recruiting IT Security experts
The Waldorado team from RTL TVI visited us to know more about our activites and the profiles we are recruiting. Watch the movie !
Published on 04 September 2018
How I hacked a cheap IoT and how it could have been prevented
As a cyber-security company, we regularly create internal contests. The latest one was focusing on the hacking of an IoT application.
Published on 12 October 2018
How do you deal with low risk level vulnerabilities ?
Nothing should be left behind when speaking in terms of security... A story by David Bloom, Cyber-Security Consultant at Approach.
Published on 21 January 2019
Why should your organisation go for ISO27001 certification?
Digitised services are exposed to a broad spectrum of cyber-threats attacks. Obtaining the ISO27001 certificate can be a...
Brussels Expo (2 days )
Approach at Infosecurity Belgium 2019
Join us at Infosecurity on March 20th and 21st !
Web Contest (19 days)
Master CyberSecurity Tournament: Approach CTF is ready!
The students in Master CyberSecurity will have 19 days to find more than 20 flags.