facebook pixelBlack Box Audit™ - Shaw and Partners


Most acquisitive companies are proficient at operational, financial, and competitive due diligence, but are you overlooking a technical audit of targets? A technical audit can be a key differentiator in early-stage value determination and can prove invaluable in avoiding costly software and development surprises post-acquisition.

WHAT IS A Black Box Audit?

The most comprehensive technical audit possible, without warning target companies, can eliminate many potential risks during deal origination. Once a target is engaged, we offer a detailed final due diligence program where we interact with the target's management.

   Security Audit
  • Source Code Audit
  • Audio/Video/Voice Call Systems Pen-Testing
  • Server OS Detection/Fingerprinting
  • Automated Security Scans
  • Network Vulnerability Assessment
  • Network Threat Assessment
  • Cloud (AWS, Azure, GCP) Pen-Testing
  • User Interface Testing
  • News/Media Analysis
   Quality Analysis
  • Open Source Vulnerability Search
  • Third-Party Risk Assessment
  • Encryption Analysis
  • Web Services and API Risk Assessment
  • Design Quality Audit
  • Code/Software Development Audit
  • Channel Log Analysis
  • LinkedIn Staff Analysis
  • Front-End Structure and Code Quality Review
  • Dependency Deprecation Analysis


Timely Testing

Shaw and Partners’ fully remote structure makes immediate testing possible by providing access to uniquely skilled testers on demand.

Security & Quality Review Strategy

An Audit specifically designed to provide a clear picture of a target’s technological risks and vulnerabilities, with recommendations to properly support your M&A due diligence.

NDAs & Contracts

We operate under the strictest confidence. Our testers and contracts are backed by Non-Disclosure Agreements to ensure our every action remains secure and confidential.

Real-Time Results

Receive vulnerability and risk insights as our testers discover them. This reduces risk by providing solutions that can be implemented while our audit progresses.


Our security experts review each finding and prioritize critical vulnerabilities providing recommendations for those first.

Options for Tester Incentivization

Our testers’ skills are matched to best suit specific evaluations. To promote the discovery of more complex vulnerabilities, we offer the option to provide incentives for testers per vulnerability.


Our focus lets inhouse security concentrate on day-to-day tasks, while the Black Box Audit team is dedicated to reviewing, locating, validating, and prioritizing risks and vulnerabilities of a target under an M&A negotiation.

Executive Report & Recommendations

Our final report will provide management with details on methodology, findings, risk ratings, and recommendations to secure a smooth M&A from a technological point of view.


To illustrate our strategy, we assessed Zoom, WebEx, BlueJeans, GoToMeeting, GlobalMeet and Join.Me, the top six video conferencing services in the market.

Available upon request, our full analysis consists of a 20+ page presentation and more than 50 pages of supporting documentation.

  • Which companies rate best in security and quality?
  • Which share private users’ information with third parties?
  • Which have private secret keys exposed in their code?
  • Which have vulnerabilities open to cross-site scripting, click-jacking, and other security attacks?
  • And much more!
meet icon


Web App Vulnerabilities2 High
2 Medium
2 Low

meet icon


Web App Vulnerabilities1 Critical
8 High
4 Moderate
3 Low
meet icon


Web App Vulnerabilities2 High
2 Medium
2 Low

meet icon


Web App Vulnerabilities2 High
2 Medium
2 Low

meet icon


Web App Vulnerabilities1 Critical
8 High
4 Moderate
3 Low
meet icon


Web App Vulnerabilities23 High
8 Moderate
12 Low


Risks can range from simple miss-calculations on the valuation of targets and peers, to costly software re-builds post-acquisition.
Datto states that businesses lost $8,500 per hour due to ransomware-induced downtime.
Insurance carrier Hiscox, reports that cyber attacks cost businesses of all sizes $200,000 on average.
According to the University of Maryland, hackers attack every 39 seconds, on average 2,244 times a day.
2024 © All rights reserved. Shaw and Partners