Security Testing & Code Audits

There is so much technology on a modern cruise ship that it’s hard to keep track of it all. On top of managing all of the devices, networks, and applications lie concerns for privacy, security, and stability. Every open Wi-Fi connection, network port, digital kiosk, and mobile app offers potential gateways to a data breach or systems failure.

We offer a number of code and security tests for our partners:

Onboard Security Testing

Sourcetoad’s white hat engineers make sure our in-house solutions are battle-ready. The same principles they use internally can be applied to find weaknesses in both guest and staff hospitality systems. The techniques used will vary from project to project, but can include:

  • Attempting man-in-the-middle attacks
  • Sniffing network traffic
  • Password testing
  • Decompiling publicly available mobile apps

Our engineers work with our product managers to create understandable and actionable threat assessments.

Accessibility Compliance Checks

Recent lawsuits have shown how increasing important accessibility requirements for web and mobile systems are becoming. If your guest-facing systems are not ADA compliant in the US, or AA compliant in the EU, you are likely open to litigation. Knowing that systems should be compliant and actually getting there are different matter entirely. Many of the testing facilities will only tell you what is not in compliance, but Sourcetoad can tell your developers how to actually fix it. Our engineers will even work alongside your teams to help them get out of the legal crosshairs.

Mobile App Analysis

Almost every company has some sort of mobile strategy. Mobile systems have spread everywhere, including:

  • Hospitality staff devices
  • Point of sales
  • Check-in tools
  • Publicly facing guest apps

The problem is that strong mobile development practices are rarer than you would think. Pair that with the fact that you now drastically increase the number of people exposed to your IT systems, and you can start to see the potential for disaster. Sourcetoad can help you examine the underlying mobile systems and applications your business relies on. We can tell you how much exposure you are open to and provide detailed instructions to your developers on how to close the gaps.

Code Audits

Have you ever commissioned a piece of software developed and had suspicions that you didn’t get what you paid for? Then you might want to schedule a code audit. A code audit is a meticulous examination of a piece of software’s source code to discover whether there are vulnerabilities, programming errors, or bugs. If a previous development team created a piece of legacy software, we can help you determine if you have anything to worry about. This means giving you a detailed report on the software’s security, stability, and sustainability. But ultimately, we can let you know if you have gotten your money’s worth.

Working out how to break things is sometimes more fun than even building them, especially if we were asked to break it. If you have a system or process you’d like to dig deeper into, schedule a quick call with us to learn more about how we can help you.

Apktool

Sourcetoad sponsors Apktool’s development to help ensure that this valuable tool continues to thrive and is free for security professionals, researchers, and enthusiasts to use.