Technical Due Diligence

Evaluate your software system risk

Our technical due diligence services have been used by private corporations and public agencies for over two decades. Moreover, our executive team and resources have the expertise to report on both top-down and bottom-up vulnerabilities. This includes examining your system from both a system-level and operational perspective – be it a sub-system, an intricate network, or a stand-alone product.

Our technical due diligence is performed using a highly structured process and automated tools that eliminate guess-work and ad hoc results. Our process combines evidence-based vulnerability assessment, threat and risk analysis, and risk prioritization. Furthermore, our approach eliminates issues that are often associated with human interpretation – or misinterpretation.

What You Can Expect

We perform an extensive cyber security risk analysis and code review. Then we prepare a Software Evaluation Report, which focuses on the key quality, maintainability, security, and compliance aspects of the examined system. The report contains a summary and detailed information in the following areas:

  • Security analysis
  • Architecture and code analysis
  • Internalization and localization
  • Third-party software identification and open source licensing
  • System metrics

Types Systems That Can Benefit

Here are just a few examples of how our services have been, and can be applied:

  • Aircraft and other mission critical self-contained systems
  • Road-going vehicles
  • Products that leverage the internet of things (IoT) – from refrigerators to routers
  • Critical software and hardware sub-systems within a larger framework

If you are concerned about the accuracy of your risk and vulnerability analyses and seek professional assistance, contact us.