Are you secure?
Satisfaction Guaranteed
Data breaches, account takeovers, and misconfigurations are common security issues we have found in our clients. Having security concerns about your business-critical application and server? We can help make your business safer in this changing world with our experienced professionals.
Services
see which ones suit your needs
Cloud Security
Assessment
Business rely on cloud technology but have no idea of its security?
​
We offer the followings on major cloud platforms*:
-
Security Configuration Review
-
Security Assessment​
​
*: platforms are: AWS, Alibaba
Penetration Testing
(Network, Server)
Want to test the security level of your business infrastructure? This best suit your needs!
​
This focus on the server and network to identify the existing weaknesses.
Web and Mobile Application Penetration Testing
The most common attack entry point, and most of the business rely on these applications.
​
Eliminate the potential weaknesses by performing pen-test exercise on
web & mobile applications to reduce the potential impact to your business!
Vulnerability Scanning
Regular scanning to catch the vulnerabilities that might be applicable to your server.
Be the one to know the vulnerability before the others and stay ahead of the security threats!
Red Teaming Exercise
Finding a way to test the security level of your organization? Try out our Red Teaming service and get insight to the overall security posture.
​
Red Teaming is an objective-oriented exercise which we will simulate the real-world attack flow in order to achieve the objective.
Security Risk Assessment
and Audit (SRAA)
Need to fulfill the compliance requirement? By performing SRAA, we can carry out the potential issues and provide recommendations to rectify the issues in order to meet
the security requirements.
01
Pre-engagement Interactions
Definding scope of test, test period, things to notice, and request some information for the exercise.
02
Testing Phase
The exercise begins, starting from intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post-exploitation movements.
03
Reporting Phase
Post exercise report, list out the detail of the identified issues and corresponding remediations. Debriefing the client by walking through the report findings.
04
Retest Phase
After the remediations applied, retest the identified issues to ensure they are properly fixed.
OUR EXPERTISE
Protect Your Business with DracoSec's professionals
At DracoSec, we are a leading Cyber Security Consulting Firm based in Hong Kong. With a focus on cloud security and penetration testing, we help businesses across various industries achieving their security goals and stay ahead from potential threats.