PIERRE.CONSULTING
System & Software Security
Software systems are notoriously hard to secure. And a security breach can have a devastasting impact on a company and its customers. Be it financial or data loss, loss of customer trust, privacy breach, damaged systems, bad PR, the impact is typically very significant.
Nonetheless, a sound engineering approach can help reduce the likelyhood of such incidents. First, security must be made an integral part of the engineering process; it has to be a conscious factor when developing software systems. Second, appropriate steps must be taken to evaluate and validate the security of a system.
While there are agencies and companies providing security testing, they often fall short. They do not have long lasting impact, as they tend to not focus on improving internal development processes to avoid re-occurence of issues. And additionally the actual testing tends to rely on standardized tools or methods. While that type of testing is a necessity, it only provides a basic level of assurance. The hacker mentality will use many advanced techniques to find a way in. We can provide a much more customized, advanced and intelligent penetration test by leveraging access to your code, scanning it for weaker areas, and developing a targeted pentest.
Project selection
Mobile app and software infrastructure
Penetration test of a large Indonesian transportation provider. Several issues found and fixed.
Jakarta, Indonesia
RFID based transportation system
Reported weaknesses in the RFID cards and data scheme used for transportation payment
Jakarta, Indonesia
E-Money banking infrastructure
Reported issues in the security of an e-money issuer.
Jakarta, Indonesia
Mobile Application and Device Management
Responsible for the delivery and architecture of Citrix XenMobile product. Built the engineering team and product from zero to a USD 250M business in 2 years. The product had mobile client components (iOS, Android, Windows) and backend product to enable secure delivery of enterprise applications and data, as well as their secure containerization, to user personal devices. Successfully deployed in many Fortune 500 companies and Government agencies, with individual deployements in the 100K+ users each.
Silicon Valley, U.S.A.
Citrix Network security (Firewalls and VPN)
Responsible for the engineering of network security products, from layer 3 to 7 (from IP, IPSEC, VPN protocols, SSL, and application specific security)
Silicon Valley, U.S.A.