Contact us for a free consultation.

Learn more

Security Testing

We provide thorough assessments of all types of applications, networks, and infrastructure with guidance for improving your security posture.

Strategic Consulting

Our team of Security Experts provide industry-leading Risk Assessment, Project Management, and InfoSec Program and Policy Development services.

Compliance and PCI

Gap assessment and audit services with a focus on real security.  Our experienced staff can help you reach your compliance goals in a manner best suited to your unique environment.


We offer engaging and interactive security awareness and technical training, both online and instructor-led.

From the Blog

Brian Shura

Brian Shura

July 25, 2016

Views: 1050

Awhile back Stephen Haywood wrote a blog article called “Five Things Every Web App Tester Wished Developers Knew”.  I thought it would be fun to write an article from the opposite point of view discussing things that developers wished penetration / security testers knew.

Stephen Haywood

Stephen Haywood

July 18, 2016

Views: 1075

Recently one of our testers asked if there were any static analysis tools for Python code. He was reviewing a web app written in Python and was trying to identify any high-risk issues. I wasn’t aware of any readily available, security focused static analysis tools for Python because most available tools focus on syntax compliance not security and the few security-focused tools, like Fortify, can be very costly. However, I was able to give him a list of high-risk issues that could be easily identified with a manual review... 

Stephen Haywood

Stephen Haywood

March 18, 2016

Views: 573

When we do a penetration testing job, we typically use both Nmap and Nessus to scan the target devices for potential vulnerabilities. These scans provide us with a good understanding of the target devices and many of the common vulnerabilities present on those devices. Nmap and Nessus do not provide the whole picture but are a good starting point...

News & Events

© Copyright 2016 AppSec Consulting, All Rights Reserved