With this "Vulnerability Extermination" service we find security defects in banking, commerce, business, mobile, virtualization, security and other software that you develop or use before anyone else finds them.
Some of our most demanding customers hire us for finding critical vulnerabilities in products built by security-knowledgeable people, reviewed with best automated tools and analyzed by other experts.
And they like what we find.
In a simulation of a real "Advanced Persistent Threat" attack against your information system, we become your friendly attacker and try to penetrate into the most
critical parts of your networks, databases, services and applications in a controlled and managed fashion.
A test like this is the only way to see how well you're really prepared for a targeted attack.
We help you reach informed security-related decisions in application development, when setting up online services and protecting your IT infrastructure.
"We routinely engage ACROS Security when we need a security review of our most popular products."
(CSO at global software vendor with multi-billion revenue)
"We've been leveraging ACROS to perform pentests on most of our acquisitions and we've been very happy with their services."
(Project contact at leading global online company with hundreds of millions of registered users)
It has always been our strategy not to specialize in any particular technology. We're constantly surprising our customers with security defects in desktop or mobile applications, on any operating system, in office devices, network equipment and appliances, complex web applications and online banking systems, anywhere from smartcard applets and web applications to virtualization engines and language interpreters.
Many of the world's largest software vendors have fixed vulnerabilities we reported to them and thanked us for helping them keep their users secure.
About ACROS Security
ACROS Security is specialized in providing advanced security analyses of products and systems. Our in-depth security research pushes the boundaries of global knowledge, keeps our customers ahead of competitors and users safe from attackers.
We work for leading financial institutions, software vendors, online service providers, cloud providers, virtualization solutions providers and others who consider security of their products, information and services critical.
...for updates on our security research.
ACROS in the Media (highlights)
Bleeping Computer, "OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch"
Softpedia, "Three Reasons You Shouldn't Pay for Windows 7 Updates"
CSO, "Temporary micropatch available for zero-day Windows exploit"
Bleeping Computer, "Windows Zero-Day PoC Lets You Read Any File with System Level Access"
ZDNet, "Microsoft Windows zero-day disclosed on Twitter, again"
CSO, "Microsoft patch for JET flaw zero-day is ‘incomplete,’ Windows still vulnerable"
Threatpost, "Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm"
SecurityWeek, "Third-Party Patch Available for Microsoft JET Database Zero-Day"
Forbes, "Windows 0-Day ALPC Bug Exploit Patched By Third Party Ahead Of Microsoft's Official Update"
>> More media references...
0patch blog: Sorry, Adobe Reader, We're Not Letting You Phone Home Without User's Consent (0day)
0patch blog: One... Two... Three Micropatches For Three Windows 0days
A new 0patch Agent is released
0patch blog: Patching, Re-Patching and Meta-Patching the Jet Database Engine RCE (CVE-2018-8423)
0patch blog: Outrunning Attackers On The Jet Database Engine 0day (CVE-2018-8423)
0patch blog: How We Micropatched a Publicly Dropped 0day in Task Scheduler (CVE-2018-8440)
0patch blog: Windows Updates Broke Your Networking? Free Micropatches To The Rescue (CVE-2018-8174)
Security Patching is Hard - Survey Results 2017
0patch blog: Micropatching Brings The Abandoned Equation Editor Back To Life
ACROS presented "We're micropatching 0days and so can you" at the InfoSek Conference 2017. Slides are here
>> More news...
0patch is a platform for instantly distributing, applying and removing microscopic binary patches to/from running processes without having to restart these processes (much less reboot the entire computer). Brought to you by ACROS Security.