We perform attacks on critical services exposed in the DMZ area.

The attacker, with no additional provided information, collects publicly available data from external sources and utilizes this information for the attack. We assess the impact on service availability within the range where service disruption does not occur.
Our goal is to proactively prevent risks posed by malicious external attackers and provide guidelines for defense.

We analyze the customer's entire service from a long-term perspective to prioritize and perform security assessments. As regular diagnostic information accumulates for customer services, CODEVECTOR gains a deeper understanding of the services. This understanding allows us to be advantageous in discovering additional vulnerabilities in subsequent feature updates following the initial service launch.
Additionally, for common modules in services where new CVE vulnerabilities may exist, we conduct urgent thematic assessments. This approach minimizes 'diagnostic gaps' where vulnerabilities might be left unattended between regular diagnostics.

Mobile security diagnostics are a service aimed at protecting users from threats that can manifest in various forms within the mobile environment. For mobile apps provided as a national service to the general public, we offer scenarios to mitigate the potential for malicious analysis and tampering by malicious users. We also define and provide scenarios for potential misuse, allowing for swift actions to be taken.
Regarding unauthorized app usage by internal employees, we anticipate risks associated with potential threats through unauthorized app usage and scenarios involving tampered malicious apps. We conduct comprehensive mobile diagnostic tests from various perspectives.

This diagnostic service covers various product categories in which loT technology is integrated, including Home loT Services, Healthcare loT Devices, Smart loT Mobility Systems, Smart Farm loT Devices, Manufacturing Equipment, and more.
We tailor our assessments to each product category, identifying potential vulnerabilities specific to each. Our analyses encompass a wide range of aspects, including the network environment in which loT devices are deployed, the internal security logic of the devices, and tests for the integrity and tampering of data input into the devices. Through this comprehensive analysis, we evaluate the security of loT devices and provide services that offer possible attack scenarios.

We offer firmware penetration testing services for a wide range of industries, including manufacturing process systems and smart terminals.
Our services encompass a comprehensive approach, starting from listing the functionalities provided by the firmware. We then conduct binary reversing for each function to identify vulnerabilities and assess threat factors related to associated systems for prevention.
This service goes beyond just loT device vulnerabilities, allowing for the evaluation of the impact on systems within which firmware is applied. We provide guidance for both network environments and system aspects.

The RedTeam operated by CODEVECTOR conducts a level of vulnerability assessment that goes beyond typical vulnerability assessments or scenario-based assessments.
During the project, we create and test scenarios for customer's comprehensive infrastructure and internal penetration with the objective of exfiltrating project goals such as customer information, contract information, company confidential data, design process drawings, non-public patent information, and more. This encompasses attacks not only on simple web and mobile services but also on third-party equipment and applications essential for service operation, considering all possibilities.