Test in depth the security of your organization
    with our Tiger Team and Penetration Testing services
    Read More
    Identify and mitigate risks in Mobile Applications
    using our state-of-the-art assessments
    Read More
    Build software meeting
    high security standards
    Read More
    Watch the CENSUS ID video
    on the CENSUS Youtube Channel
    Watch on Youtube


CENSUS provides specialized services for the security assessment of products and the implementation of a Secure Systems Development Lifecycle. A brief overview of the related services is provided below. To learn more about these services and how these can enhance the product development process please see our whitepaper on the subject.

Design Level Review - Enforce Security By Design by having CENSUS experts review design level documentation of software features / projects, hardware components / architectures, new protocols and network architectures.

Source Code Auditing - A manual line-by-line security review of a product's (or component's) source code coupled with functional security testing. This is the best way to identify software vulnerabilities and prepare for a high quality release. CENSUS provides source code auditing services for software implemented in the following programming languages:

  • C
  • C++
  • Objective C
  • Java
  • C#
  • Rust
  • Go
  • PHP
  • Python
  • Ruby
  • Perl
  • Swift
  • JavaScript
  • x86 & ARM Assembly (32bit and 64bit)
  • ASP
  • VB
  • Unix Shell
  • Powershell
  • Fortran
  • Pascal
  • Cobol

Device Security Testing - Comprehensive security testing for the hardware and software of electronic devices.

(Read more in our Device Security Testing and Laboratory Capabilities whitepapers)

Application Security Testing - "Black box" security testing for any type of application, including desktop applications, mobile apps and web applications. Web Application Security Testing provides remote testing for the whole stack of deployed web applications, covering all desired functionalities and user roles. Mobile App Security Testing is a specialized service for in-depth testing of iOS & Android apps (including related web APIs and communications with other devices / software components).

Product Infrastructure Penetration Testing - Use the Network and Cloud Infrastructure Testing module of our "Organization Security Testing" services to test the security posture of the infrastructure (e.g. IaaS / PaaS / Kubernetes setup, host setup, container setup, firewall / IDS / IPS setup etc.) that supports a product release / installation.

Threat Modeling and other Security Documentation - Develop a Threat Model, to map out important threats and prioritize work on countermeasures. CENSUS can also prepare other required security documentation such as a Product Security Plan, a Security Architecture document, a Data Classification document or a Product Disposal Plan. Moreover, necessary procedures, documentation and risk assessments can be prepared to fulfill product pre-market / post-market cybersecurity requirements (e.g. medical device FDA pre-market submission requirements).

Secure SDLC - Specialized security assessment and consulting services to help businesses build and maintain a Secure Systems Development Lifecycle for products.


Organization Security testing is the process by which the security of an organization is systematically tested. Testing is performed with the same means that malicious actors use, under a methodology that makes the results of the tests beneficial to the under assessment organization.

The scope of the tests is not limited only to hardware and software resources, but includes all aspects of the organizational structure, such as processes and human resources.

CENSUS uses the latest attack techniques along with the results of its in-house vulnerability research to identify common and acknowledged vulnerabilities and distinguish the possibilities of zero day attacks. Our organization security testing services can be offered in various ways depending on the required depth of testing and the nature of the organization/client. The following options of Offensive and Defensive services are available:

Offensive Services

  • Tiger Team

As the cornerstone of cybersecurity offensive services, this type of assessment allows organizations to reveal the blind spots and weaknesses in their digital and physical defenses that may not be evident through traditional pentesting methods while challenging the readiness of their incident response teams. The Tiger Team targets the core business, testing all layers of the organization's security architecture, making every effort to remain undetected and sharing information about the attack only with upper management. This black box-only engagement does not have a specific project plan or scope. The attack may occur anytime.

  • Assume Breach

In the ever-evolving landscape of cybersecurity, breaches are not a matter of 'if', but a matter of 'when’. In the recent years, organizations invested heavily in fortifying their digital defenses, aiming to create impenetrable security perimeters. However, recognizing that breaches will occur despite having the best security measures in place is an unfortunate harsh reality that must be accepted. This dynamic environment of escalating cyber threats, led to the advent of the "assume breach" cybersecurity paradigm that places a strong emphasis on readiness and resilience.

The service is designed to simulate post-breach activities to assess an organization's capacity to detect, to respond, and to mitigate the impacts of a breach. It allows organizations to identify issues laterally on their defensive stack to greater effect, instead of focusing on a single point of failure (e.g., blaming an employee for opening a malicious executable).

  • AI Cybersecurity Resilience

Incorporating the transformative nature of artificial intelligence into various industry sectors has brought significant benefits and revolutionized the existing business operations in ways far beyond the realm of human imagination. However, this groundbreaking technology also introduced several novel cybersecurity risks and became a matter of concern.

The AI Cybersecurity Resilience service is designed to address the need for pentesting AI-enabled services, a necessary step to ensure and safeguard the viability of AI based technology in organizations with a strong commitment to cybersecurity. Furthermore, the AI Cybersecurity Resilience service is designed to harness the power of AI to improve existing cybersecurity models and unveil more sophisticated types of threats for an organization.

  • Red Team

In the arsenal of CENSUS cyber security services, Red Team is the ultimate tool that allows organizations to test and bolster their cybersecurity defenses as well as prepare for real-world attacks. Unlike traditional penetration tests which are solely focused on identifying vulnerabilities, the Red Team conducts realistic, scenario-based assessments by imitating the tactics, techniques, and procedures (TTPs) of malicious actors, unveiling gaps and weaknesses across all the organization’s layers.

  • Purple Team

CENSUS Purple Team service provides an innovative collaborative approach to cybersecurity assessments. It combines the offensive techniques, tactics and procedures of real-world threat actors as defined by the Red Team service, with the evaluation of detection and response defensive capabilities of the organization’s own Blue Team. The Purple Team attack scenarios are carefully designed and selected to stress the organization’s defenses in any manner possible. Together, both teams collaborate to improve the existing defense mechanisms, to enhance incident response plans and procedures, and to strengthen the cyber security posture of the organization.

Defensive Services

  • Cyber Threat Intel Services

This service will assist organizations in understanding the threat landscape, their attack surface, the tactics, techniques, and procedures employed by threat actors that are relevant to their business model, the digital exposure of the organization's high-value targets, and how to utilize the obtained information to develop a proactive threat-driven defense strategy.

The team will leverage publicly available information from a variety of sources such as social media platforms, search engines, public records and government accessible databases, dark web forums, research institutions and websites to gather insights into potential threats for the in-scope organization.

  • White Team

The key to building a robust cybersecurity program is ensuring that the organization is well equipped to navigate the complicated and dynamic cyber landscape which is growing by the day. Unfortunately, this would require building and maintaining a strong team of skilled professionals with high expertise in a variety of cybersecurity sectors. These enlisted professionals should also be able to monitor and adapt on the emerging threats while trying to align the cybersecurity strategy in multiple different organizational units.
However, to build this core foundation team, significant capital and organization resources would be required in a post-pandemic era in which there is a surge in demand for cybersecurity talents. Moreover, the cyber threats are constantly increasing, and by the time the team is ready, it may have been too late. CENSUS’ White Team consists of experts in the field with a strong commitment to cybersecurity, ready to meet the organization’s such urgent demands. The primary objective of the service is to provide all the necessary help and guidance to the organizations to fill the gaps in the internal processes and setup a holistic cybersecurity plan.

  • Gold Team (War Room)

To prepare for the next cybersecurity crisis, an organization should ensure that they have controls, policies, procedures, and the appropriate teams in place to accelerate every aspect of responding to and recovering from emerging threats. The Gold Team focuses on improving preparedness and resilience for emerging cyber security threats, by promoting coherence and efficiency in the organization’s cyber security strategy.

The service allows organizations to perform theoretical crisis simulation to test their response to various cyber threats and incidents. This is performed using specially designed table-top exercises and activities, tailored to the business model of the client, that are conducted in a discussion-based and in an interview-based approach. The assessment aims to identify the weak point of failure in the existing cybersecurity plan of an organization.

  • Blue Team

The Blue Team service helps organizations to tap into a pool of cyber security experts when they require specific skills that are not available in-house, and quickly scale their workforce without the delays associated with traditional hiring processes. Members of the Blue Team can assist organizations in a wide range of activities, including everyday cybersecurity tasks and research and development activities.  Organizations can improve the existing security controls or develop new customized defensive controls, tailored to the needs of their ecosystem, using the expertise and the experience of the Blue Team members.

This strategy allows the organizations to address specific skill gaps and handle successfully short-term or long-term projects with tight requirements. As a result, organizations are able to stay abreast of the latest attacks and defenses, industry best practices, and add to the capabilities of their own in-house teams.


CENSUS offers Advisory Services to help companies create, acquire, and deliver secure products and software. Our Advisory Services team can guide you through the creation of a comprehensive Application Security Program that will help you set up all necessary policies, guidelines, procedures, and standards that will enable you to produce secure applications and products. CENSUS cyber security consultants have significant experience in Security Design and Architecture and have performed numerous Threat Modeling projects. Our team can also help you fulfill product pre-market and post-market cybersecurity and compliance requirements in various sectors (e.g., medical device FDA pre-market submission requirements, NIST SSDF, and more.).


  • Maturity Assessment and Roadmap
  • AppSec Program Strategy – “Shift Left” Security
  • Training


  • Secure Design
  • Security Architecture
  • Threat Modeling

Maturity Assessment and Roadmap - CENSUS offers a specialized Application Security Maturity Assessment service that aims to measure the maturity of an organization in terms of software assurance. Based on the OWASP SAMM model and combined with the experience and best practices from client engagements, CENSUS assessment methodology is used to assess the status of security activities in all stages of the development lifecycle. Our methodology ensures a consistent and reproducible outcome that helps you create and follow a roadmap for improving your software assurance posture with measurable results.

AppSec Program Strategy - Creating secure software is by no means a trivial task. Several methodologies have been proposed for adopting a Secure Development Lifecycle (SDLC). At the same time, modern software has evolved with technologies like containers, the Cloud and the concept of CI/CD completely changing the way that applications are now developed.

CENSUS offers consulting services that go beyond the establishment of a SDLC. Our goal is to help you adopt a “shift left” security strategy and implement security practices throughout the entire development lifecycle, rather than just in the end, by guiding you through the creation of a comprehensive Application Security Program that will help you set up all necessary policies, guidelines, and standards in order to produce secure applications. Furthermore, it provides full visibility into your application security posture and enables you to monitor the security level of your applications.

CENSUS AppSec Program Strategy advisory services can be offered to all types of companies; from boutique software houses to large organizations. CENSUS can also prepare other required security documentation such as a Product Security Plan, a Security Architecture document, a Data Classification document or a Product Disposal Plan. Moreover, necessary procedures, documentation, and risk assessments can be prepared to fulfill product pre-market / post-market cybersecurity and compliance requirements (e.g., medical device FDA pre-market submission requirements, NIST SSDF, and more.).

Training - Cyber Security Training is not just another compliance requirement, but an essential element of a cyber security program. CENSUS offers a variety of courses, delivered by expert trainers with vast field experience. Developers, architects, testers, security champions, and anyone involved in software development can benefit from our courses.

Training topics include:

  • Application Security Fundamentals
  • Building Secure Web Applications and Web Services
  • Mobile Application Security - Attack and Defense (covering Android and iOS apps)
  • Building Secure Applications in the Cloud (covering Azure. AWS, and GCP)
  • Secure Development in Java
  • Secure Development in C/C++
  • Cyber Security Awareness Training/IT Security Hygiene
  • Implementing a Secure Systems Development Lifecycle

Secure Design - Security by Design has become an essential requirement for many legal and regulatory standards. Additionally, establishing security requirements and choosing the appropriate security controls early in the development lifecycle is essential for producing secure software.

CENSUS offers consulting services to assist you throughout the entire design phase. A threat and risk assessment can be performed to identify the risk profile of your applications, identify and review security and privacy requirements, and assist you in handling software supply chain risk and relevant requirements. Our goal is to help you choose and justify the appropriate security controls for your application in order to minimize the identified risks. In addition, CENSUS offers consulting services for the security review of design documents, including the design-level review of new protocols and security controls. The work performed in this phase will stand as a rigorous test to the concepts portrayed in the project design documents and will justify countermeasures that need to be taken in order to minimize the identified risks.

Security Architecture - An essential part of the software design process is Security Architecture. CENSUS provides consulting services for both evaluating and designing the security architecture of your applications and products. The entire project security architecture plan will be reviewed to identify weaknesses and suggest improvements, by following a product agnostic methodology. Our goal is to complement your IT architecture practice with our risk management expertise in order to help you make the right choices in terms of technology.

CENSUS can also provide assistance in creating and maintaining reference architectures across your enterprise. The use of reference architectures in software development aids in streamlining the software design process and harmonizing the use of specific components, frameworks, and technologies. Having an organization-wide reference architecture is even more important for cloud-native or container-based environments that require a completely different approach to application development.

Threat Modeling - Threat modeling is an essential part of the software design process and a hard compliance requirement for many industries, such as medical device manufacturing and automotive. By following a structured approach and involving a variety of stakeholders, including architects, product managers, security champions, and even testers, Threat Modeling can help you identify and manage threats to your applications.

CENSUS can help you develop a threat model to map out important threats and prioritize work on countermeasures. Our consultants can work with your teams to establish a Threat Modeling process that fits your needs. Threat models provide a detailed understanding of an application’s architecture and environment, and help understand architectural and design flaws, as well as the controls that can best mitigate them.


A vulnerability is a state in a computing system that violates that system's security model. At CENSUS we recognize that security is not a goal but a process, therefore we heavily invest in research for unknown vulnerabilities as part of our security assessment services.

Our vulnerability research services ensure that a software product, a system implementation, or a new technology that an organization is planning to invest in meets strict security requirements and does not suffer from vulnerabilities. We can provide detailed deliverables that empower the client to make informed strategic decisions towards new technologies, choose the most secure solution that meets his requirements, and preemptively reduce investment risk.

CENSUS employs a top-down approach which allows the identification of the most exposed applications and systems in a client's IT environment, followed by a thorough investigation for unknown vulnerabilities in these elements. We have extensive experience and specialised knowledge in the field of vulnerability research and we employ focused techniques such as fuzzing, reverse engineering, source code auditing (in cases where source code is available), static and dynamic analysis in order to identify vulnerabilities and clearly demonstrate their impact on a system's security model.

CENSUS also provides training in the field of vulnerability research. Our education services include the detailed analysis of vulnerability classes in software systems (both in userland and kernel space), methodologies for identifying new vulnerabilities, and the development of targeted programs for exposing the impact of vulnerabilities. We normally do not confine our training to a single operating system, giving our clients the opportunity to be educated in a variety of platforms. However, we can provide vulnerability research training on a client-chosen operating system if so required.

If you have a business interest in our vulnerability research services, please contact us so we can provide you with detailed information.