AppSec Solutions By Industry

Application Security Review and Audit

Rietta will review the security of your custom web, mobile, or desktop application using the OWASP ASVS, OWASP MASVS, or other relevant industry standard.

This open book review is a suitable substitute for many pen test engagements and will provide your company with an affordable solution to enumerate issues that your team can fix and to satisfy your customer's security inquiries.

Our clients have a 100% track record satisfying their customer-lead inquiry into their security.

Engagement May Include

• Review code and cloud infrastructure and produce a signed security assessment report suitable to provide to your customers
• Answer security questionnaires from enterprise clients
• Attend conference calls and meetings as your security expert as needed
• Develop compliance strategies to align existing practices with external cybersecurity requirements

Answering Questionnaires and Expert Advice

Our security expertise can be invaluable during an incident response or when you just want to get ahead of the security concerns that your clients may have.

We have a 100% track record helping customers work through concerns that your corporate clients have.

Security for Custom Web Apps

We pride ourselves on patching dozens of client applications within a few hours of a known security risk in a world where other companies usually take months.

1. Assess existing security to identify weak spots needing improvement
2. Containerized existing application using Docker for testing and (optionally) for production in the AWS cloud
3. Continuous Blue Team support to investigate, and update code as necessary for security

Solutions for HIPAA Covered Entities

All of our solutions are available for HIPAA covered entities. We train all of our staff on hire and annually on all of the security and privacy requirements under HIPAA. With an annual contract in place, we will execute a business associate agreement with your organization.

Please Schedule an Appointment to discuss your specific needs.

Bespoke Solutions

When the going gets tough and other developers are stuck, we are here.

Deep understanding of Linux, system administration, and numerous programming languages means we have implemented novel solutions to complex problems using available systems and open source software for clients in many industries.

Just a few examples

• Implement data retention and high security for breachable PII that was mandated to be kept by law using GnuPG and Yubikeys
• Speed up web app that was running painfully slow by optimizing SQL queries
• For an insurance industry client, generate Word and Excel documents using LibreOffice, in Docker, running on AWS Elastic Container Service

Please Schedule an Appointment to discuss your specific needs.

Cybersecurity Training for Development Teams

We have developed training material for corporate clients.

Courses include, but are not limited to:

• Threat modeling
• Cybersecurity Project management
• Preventing a data breach through secure software development
• Ruby on Rails security

Please Schedule an Appointment to discuss your specific needs.