Our focus is always providing the best quality and highest standard of service available, while treating our client relationships more as partnerships than the traditional client/supplier model. We find this achieves more effective results through a mutual understanding of our clients' security needs.
Our team has deep insights into the areas of:
At edgescan, we take care of your digital security risks – helping you concentrate on your actual business.
As an edgescan partner, you will strengthen your firm's digital security expertise, meet your customers demand and benefit from exclusive special promotions, along with technical support and attractive commission rates.
BCC Risk Advisory professional services provide world class technical security solutions to our clients.
We can provide services from Vulnerability Assessments to Software Security Services to Penetration testing (Pen testing).
Our technical assessment services such as pen testing are based on leading practice such as SANS, CEH and OWASP guidance, production safe and non-invasive.
We use the latest tools and techniques to deliver our pen testing services and our consultants are highly skilled and trained in the latest security approaches.
We have a vast level of experience in the areas of network and software security and work with organisations, both large and small across the globe.
Technical Training is aimed at development and security staff in areas such as:
Secure application development (Java, Web, .Net etc) and Web application pen testing.
Our training combines theory and practical labs in order to both learn by example and also understand the fundamental issues and causes of insecurity. Our training is based on OWASP best practice as our lead technical staff have contributed to OWASP books and guides such as OWASP Testing Guide and the OWASP Code Review Guide.
Our team have delivered such training to many large global organisations and security events such as OWASP EU, OWASP USA and RSA in both the US and Europe We can even customise the training to an individual organisations technology and the particular issues they face if required.
Our executive and management training is aimed at individuals such as Risk managers, CISO's & IT Security managers.
Its focus it to gain an understanding of the issues related to Internet Security and associated business risk. It covers off approaches to addressing common issues when managing the security of an organisation from an executive level and arms management with the knowledge to make informed decisions. It also assists executives with understanding what is required to be compliant with industry regulations (PCI-DSS, GLBA, HIPPA) and regional regulations such as data protection.
edgescan has been recognised by the industry in the following ways:
BCC Risk Advisory support The Open Web Application Security Project foundation (OWASP.org) and assist the foundation with resources and subject matter experts which helps drive the OWASP mission of addressing the causes of application insecurity.
OWASP was founded over a decade ago in response to the need for accurate and high quality security advice and resources delivered via open source licensing.
Check out our free OWASP training slides and papers: [e.g. OWASP Testing Project, OWASP Code Review Guide, OWASP Software Assurance, training slides on owasp.org etc.]
RT @edgescan: The @edgescan stats report is being delayed till January 2018. New items this year: #PCI fail % across the stack CVE % Detai…
3 days ago
BCC Risk Advisory was founded by myself in 2011 out of frustration with the direction the security industry was taking.
Developing secure robust systems can be easier than one thinks assuming one knows what the potential security issues are. It's my view that there was always a disconnect with security folks and the people developing and maintaining systems. In order to help bridge this gap we instil a development culture in all our engineers and consultants; "Don't be afraid to experiment, fail, learn and repeat". Many of our staff have a development background and/or are certified developers of one kind or another. In order to help secure systems we need to embrace the "builder" (developer) mentality, understand pitfalls and also provide pragmatic advice and assistance. We are keen to empower developers and businesses alike with the correct knowledge and understanding of the risks associated with doing business on the Internet. Communication and a common language is of key importance when helping to address system security.
We believe our approach to web and software security is "bleeding edge" and a result of over 15 years of assisting organisations with system security. We assist organisations, both large and small, with managing technical, logical and business risk and believe security is based around understanding the fundamentals of how software and the Internet works.
We understand what real risk "looks like" and strive to help organisations understand what cyber attackers look for when attempting to breach corporate systems.
Our culture is all about being mature about risk and security; Understanding the bridge between technical vulnerability and business risk.
We pride ourselves in relation to upskilling our clients in terms of awareness and technical knowhow. We want our clients to undergo continuous improvement and learn from any mistakes which may (and do) occur when building software systems to enable and improve business process and productivity.
We understand the complexities and complications of managing and delivering security services in a variety of environments.
A world class technical team helping you secure your digital assets.