With this "Vulnerability Extermination" service we find security defects in banking, commerce, business, mobile, virtualization, security and other software that you develop or use before anyone else finds them.
Some of our most demanding customers hire us for finding critical vulnerabilities in products built by security-knowledgeable people, reviewed with best automated tools and analyzed by other experts.
And they like what we find.
In a simulation of a real "Advanced Persistent Threat" attack against your information system, we become your friendly attacker and try to penetrate into the most
critical parts of your networks, databases, services and applications in a controlled and managed fashion.
A test like this is the only way to see how well you're really prepared for a targeted attack.
We help you reach informed security-related decisions in application development, when setting up online services and protecting your IT infrastructure.
"We routinely engage ACROS Security when we need a security review of our most popular products."
(CSO at global software vendor with multi-billion revenue)
"We've been leveraging ACROS to perform pentests on most of our acquisitions and we've been very happy with their services."
(Project contact at leading global online company with hundreds of millions of registered users)
It has always been our strategy not to specialize in any particular technology. We're constantly surprising our customers with security defects in desktop or mobile applications, on any operating system, in office devices, network equipment and appliances, complex web applications and online banking systems, anywhere from smartcard applets and web applications to virtualization engines and language interpreters.
Many of the world's largest software vendors have fixed vulnerabilities we reported to them and thanked us for helping them keep their users secure.
About ACROS Security
ACROS Security is specialized in providing advanced security analyses of products and systems. Our in-depth security research pushes the boundaries of global knowledge, keeps our customers ahead of competitors and users safe from attackers.
We work for leading financial institutions, software vendors, online service providers, cloud providers, virtualization solutions providers and others who consider security of their products, information and services critical.
...for updates on our security research.
ACROS in the Media
TechBeacon, "Crowdpatching call-to-action: How micropatching can make it happen"
Help Net Security, "0patch: Microscopic cures for big security holes"
TechTarget, "Crowdsourced vulnerability patching could save us all"
CIO, "Java installer flaw shows why you should clear your Downloads folder"
New Scientist, "Five ways to rob a bank using the internet"
SC Magazine, "Robbing banks at a security conference - legal or not?"
Help Net Security, "The future of attacks on banking systems" (Podcast)
ZDNet, "Should we be focusing on vulnerabilities or exploits?"
>> More media references...
0patch blog: "Patch to Self - The Birth of the World's First Self-Healing Micropatch"
ACROS team will run a "Do-It-Yourself Patching: Writing Your Own Micropatch" workshop at DeepSec 2016.
0patch blog: 0patching Foxit Reader's Heap Buffer Overflow Vulnerability CVE-2016-3740
0patch blog: Writing a 0patch for Acrobat Reader's Use-After-Free Vulnerability CVE-2016-1077
ACROS launched 0patch open beta
ACROS presented CROWDPATCHING - It’s Time to Take Vulnerability Fixing into Our Own Hands at the RSA Conference In San Francisco. Slides are here
0patch blog: Bridging the "Security Update Gap" With 0patch
0patch blog: 0patch: Fixing The Fixing
>> News archive...
0patch is a platform for instantly distributing, applying and removing microscopic binary patches to/from running processes without having to restart these processes (much less reboot the entire computer). Brought to you by ACROS Security.