IT Security consulting services
We have an excellent team of IT security professionals.
White labeling services
​
Focus is an essential tool for business success. We provide secure communications products and services. With our white labelling services you can save the cost of development and time. You can easily build your brand awareness in the front, meanwhile we provide everything else on the back. White labelling cooperation usually required in bigger projects. It takes time to discuss the specific and unique needs of each customer. Generally speaking an average project takes about 3-6 months to go on-line. In some larger more complex cases it could take even longer. Based on our experiences two major obstacles occur generally, which slows down the project implementation. Special software development needs appearing during the white labelling implementation and luck of clear strategic objectives.
White labelling - how to make it happen
As a solution provider we need to make our customers successful so that we become successful as well. As highlighted two major obstacles occurs most of the projects which usually delays project delivery and product or service release.
Firstly, clear strategic objectives are needed before the white labelling implementation is started. Our solution can provide a great advantage an extension to your service offer. To maximise the benefit next to technological issues your sales and marketing team materials has to be updated. It is advised to start the change management early so the your colleagues can adopt to the enlarged product portfolio. Sales commissions and sales trainings are also recommended to start early-on. Following the current trends pre-sales should be considered (ex.: you provide secure storage solution, you can start to offer our secure e-mail solution in advance to release). We can assist pre-sales efforts with product demos, beta releases, etc. Securesoft PR team also proposes benefitting from new PR possibilities coming from the new product and new customer satisfaction possibilities (new customer videos, fresh product experiences, journalists prefer to hear something novel for free press coverage). All in all, white labelling has to be carefully planned. Resources allocated for all relevant departments is needed. Exact, measurable strategic objectives/KPRs/OKRs should be defined so that your investment can quickly become a great revenue source.
​
Secondly, it has to be admitted that your product concept is different from our product concept. Each initial product and user requirements can be right, its simply different a bit by geographical location, customer segment, etc. Surely the differences has to be filled up to achieve as perfect as possible product market fit. Extra engineering will be required which can be fulfilled by utilising your in-house resources or accepting our offer (more on the in the relevant section below). In any case decision has to be made early on as these task can become huge bottle necks. This is why we provide it as a separate ad on option should it be needed. Please, contact us for more information.
Quantum Computing Readiness
​
Prepare on time so that you won't be affected.
We continuously monitor and update or product line against every risk (new security vulnerabilities, etc). A new, different mid-term vulnerability has emerged. In the foreseeable future quantum computing can be a significant threat to everyday secure communication tools. Some of the widely used key echchange protocols and other cryptographic pirimitives can be borken by this new phoneomenon.
​
In one hand we are hardening our products and solution to meet with the highest level of It security requirements. on the other hand we provide quantum computing readiness as a service for the IT security solution providers. We hava a large set or exceptionally well trained engineers to cope with any upcoming challenges. Should you need help with hardening and preparing your product agains quantum computing please contact us for a free initial consulting to plot a possible roadmap and estimate costs.
How to make the first steps towards quantum computing readiness.
Quantum computers utilises quantum physical methods for computation. Because of different hardware designs and computational primitives, quantum computers are faster in solving some specific problem domains. Still quantum computers are not always better or faster than traditional counterpart. As always with engineering design, the problem defines the solution not in the other way around. It is foreseeable that in the near future traditional CPU will be equipped with quantum co-processors (or separate processors). Similarly to graphical computation is generally not preformed by the CPU but by the GPU. Another good example is bitcoin mining whereas custom built hardware is available for more effective mining work.
​
A significant segment of IT Security products builds on encryption, authentication and key exchange protocols. Some of these algorithms might be breakable when a large enough quantum computer becomes commercially available (or even before for some selected well funded parties). Quantum readiness is process and a state which starts with an engineering audit. We try to identify the potential weak links from quantum computing perspective. Our in house engineering team is able to participate in partial consulting or complete re-implementation of the weak parts of your IT security product. It is a complex process, it is advised to think ahead and start early. Please, contact us for a free initial consultation.
Secure Coding Trainings
​
Secure your potentially weakest link.
​
A sophisticated adversary will seek for your IT Security solutions's weakest link. We like to believe they would try to brute force attack our passwords or breaking AES-256 or similar solutions. In order to perfect your defences IT security related programming errors has to be eliminated. There are various ways to do it. We believe providing training for software developers is one of the best long term investment into your team.
What to expect from our trainings?
There are various tools to detect and eliminate IT security related programming errors. The usage of these tools are necessary and a vital tool for fighting against sophisticated targeted hacker attacks. Still the reason and the source of these exploitable programming bugs is human error. Lack of adequate software design and poor software implementation. There are cases where software design meets the minimum required software quality and best practice implementation requirements. Still the end product is full of exploitable security holes as no IT security specific software design or IT security friendly implementation was executed. We propose training of the entire software development team thoroughly and introducing all best known best practices. Two advanced secure programming training is recommended yearly. This not only enhance programming proficiency but also strengthen team and provides excellent and motivating engineering challenges for team members. Comparing to general software development training - which are usually boring to day to day programmers - secure programming hold vast amount of surprise and eureka moments.
We provide secure programming training in the following programming languages and other security segments: java secure coding fundamentals, java secure coding follow-up, C and C++ secure coding (x86), C and C++ secure coding (ARM), secure desktop application development in .NET, python security, java and web application security, secure coding in php, node.js and web application security, network security and secure communication.
Secure software development
​
We provide secure software development services on a project based, and on time and material based agreements. Cooperation can be an add on to our white labelling services or an independent agreement only providing engineering. We prefer projects where we can exploit and apply our vast amount of expertise in the IT security field.
How does IT security engineering outsourcing work?
Contract wise two agreement structures are being used (thought there are precedents for hybrid agreements as well): time and material based agreements and project based agreements.
​
Project based agreements typically doable when the scope of the project is crystal clear or foreseeable simple. In such case standard project management tools are being used for task estimation and resource allocation. The offer is calculated based on these estimations. The time and material based cooperation is usually a form of team extension, whereas we provide various team members for one or various teams. Our IT Security related expertise include experts combined with standard IT development fileds, such as: Java, PHP, C++ and C developers. Product owners, scrum masters, project managers, system and component architects. Requirement engineers, test architects and automated test engineers. Should you have any specific need, please contact us to discuss your needs in detail.
IT Security Strategy
​
It is advisable to craft an IT Security strategy to plan an effective defence towards the foreseeable potential threats.
Why do you need an IT Security strategy?
IT security threats are increasing day by day. Surprisingly, most of the companies does not prepare for these matters. When they occur the costs are enormous. Based on our private interviews the reason of this postponing is that most of the cases the subjects feel it is not important (it will not happen with them) or the defence is pointless in case of a sophisticated attacker.
Systematically evaluating your position on the market and potential attackers can give you important information and hints towards effective strategies. Even if your budget is modest and perhaps there is no way to compete potential attackers in your segment (let's assume this worst case scenario) still preparing for recovery or defining effective business continuity processes do pay of almost all of the cases which we know. Hence, it is better to confront your fears and act on and against what you can and list all of the cases which are not defendable in your current position. For example off-line backups and trained personnel can be a good solution for a widespread ransomware attack wheres servers can be restored in a relatively quick way to assure business continuity. Usually, IT Security strategy advising start with an hourly based consultation which provides an excellent first step to get to know each other professionally and business wise.
Data security by design
​
Privacy is the new standard. Social media platforms are struggling with the new normal whereas the demand from customers and policy makers is enlarging. Two decades has passed with flourishing business models focusing on selling sensitive customer data.
Why to change your focus to data privacy by design?
We advise not to conclude data privacy requirements as a threat or as a business risk (still they are). But rather try to evaluate it as a business opportunity. The current trends signalises a major shift towards security and privacy awareness from end users. Various business models were built to extract confidential user data to sell for marketing or direct sales purposes. Some resulted into world wide scandals which caused great reputation or business loss. Data privacy by design offers a solution for the changing trends by revealing as little information from the users or generally from the stored data as possible. Privacy as default has been introduced to the general legal framework by the GDPR. All in all, designing the entire system with privacy in mind (or before major updates) various requirements can be fulfilled and data protection can be achieved. Even some extreme cases data privacy is achievable if the system gets compromised by attackers (ex.: if exact user IDs are not stored it can not be stolen). Once the necessary precautions has been made and design principles has been carefully implemented there is a room to exploit the invested cost by giving new persuasive methods to sales and marketing team. Should you be in the early phase of your product design process or should it be a more major project competing with new privacy challenges, please give us a call, and let's see if we can be at your service.
We want to hear from you!
​
Tel: +36 1 855 5625 (general inquiries)
Tel: +36 1 353 9181 (customer support hot line - CarbidMail and CarbidCom)
Pozsonyi út 50. fszt., 1133 Budapest (HU), European Union