Software Security Services

Strategic and hands-on security consulting from independent experts


Our software security practice focuses on identifying security bugs and design flaws across the software development lifecycle. Our holistic approach organically combines strategic, white box (static code analysis), and black box (penetration testing) services. We also help clients with validation, developer training, and the identification of the root causes to prevent vulnerabilities from reemerging. Our services can help protect your devices, including Internet of Things (IoT) devices, smart appliances, hardware, and more; secure applications from vulnerabilities; and protect your transactions across mobile devices, the Internet, or telephone IVR systems.

Experiencing a Breach?

Contact Foundstone emergency response now.

North America/Latin America/Asia:
Europe/Middle East/APAC:

Contact us now

Our Foundstone software security services include

  • Application Threat Modeling

    Identify security problems before software is built. Uncover design flaws, reduce the overall code review effort, and minimize costly fixes.

    Download Data Sheet >
  • Avionics Security Assessment

    Our methodology for assessing aircraft is based on our experience performing security assessments on the Boeing 777 and other aircraft, and leverages the Cyber Framework for Avionics.

    Download Data Sheet >
  • Embedded Systems Assessment

    Secure IoT devices, including smart thermostats, home automation devices, TVs, smart appliances, medical devices, routers, and car ‘infotainment’ systems.

    Download Data Sheet >
  • Interactive Voice Response (IVR) Assessment

    Secure your IVR systems and the confidential data they process, and identify potential vulnerabilities.

  • Mobile Application Assessment

    Assess applications developed for iOS, Android, Kindle Fire, Windows Mobile, and BlackBerry platforms, with a special emphasis on data storage and protection and application logic bypass.

  • Secure Source Code Review

    Using a combination of automated source code analysis and manual reviews, we identify design flaws and implementation bugs hidden deep in the code base.

  • Software Security Maturity Assurance Assessment

    Evaluate your current software security processes, identify major gaps, and implement a balanced software assurance program.

  • Thick Client/Binary Application Assessment

    Identify vulnerabilities in internal- and external-facing thick client applications, binary applications, DLLs, Citrix-based applications, and kiosks.

  • Web Application Penetration Testing

    We identify vulnerabilities with automated and manual tests, provide remediation steps, and help validate fixes.

  • Web Services Assessment

    Identify vulnerabilities in SOAP-based services and RESTful APIs hosted locally or in the cloud using cloud service providers such as Amazon Web Services (AWS).

Security Insights

Get insights from the experts into emerging threats, trends, countermeasures, and best practices for strengthening your organization’s security posture.

Read Blog

Emergency Response

Has your network been breached? If you’re in the midst of a security crisis, we can help.

Get Help Now