SECURITY AUDITS - BEYOND SMART CONTRACTS
Audits cover every aspect outside of smart contracts. I assess and reduce overall risk for companies, users, and employees by minimizing attack likelihood and its impact.
- OSINT Research: Conduct Open Source Intelligence (OSINT) investigations to assess companies' internet exposure and identify potential risks.
- Web Application Security: Perform penetration testing aligned with the OWASP Top 10, utilizing black-box methods to simulate external attacks and gray-box techniques to evaluate risks from limited insider access. Audit web applications and assist developers in mitigating identified issues.
- Operational Security Audits: Audit team devices, accounts, and security configurations to identify vulnerabilities and optimize security. Verify secure configuration of company assets, including OTP-based 2FA, encrypted disks, antiviruses, YubiKeys, and password managers.
- DNS Security: Review DNS configurations to identify risks such as spoofing, phishing, and subdomain takeovers.
- Hardening: Ensure the protection of company infrastructure and digital assets, including securing social media accounts.
Telegram
