Web Security Assessment

How does web security assessment improve security?

Gold Standard: Fagan-style inspection helps you understand risks and improves the security posture in every security audit.
  • Pre-review meeting
  • Formal meeting
  • Written review report
  • Follow-up and possible re-inspection
  • The more formal the review, the higher the payoff

Web Application Security Testing Methodology

Web applications built on any of the solutions below require a security assessment.
Secure the future with our Center of Excellence and withstand a cyber attack driven by 2mmth of skilled hackers.
  • Content Management Solutions
  • ERP Solutions
  • Monetised API Interfaces
  • Cloud Integrations
  • Azure Applications
  • AWS Applications
  • Google Applications
  • Heroku Applications
  • Serverless Applications
  • Dependent Libraries Review
  • Applications built on Web
  • Hybrid Web Applications

Application Security Assessment

Methodology: Different software testing techniques are employed to unearth application security vulnerabilities, weaknesses and concerns related to Authentication, Authorization, Session Management, Input/Output Validation, Processing Errors, Information Leakage, Denial of Service, etc. Typical issues which may be discovered in an application security audit include Cross-site scripting, Broken ACLs/Weak passwords, Weak session management, Buffer overflows, Forceful browsing, CGI-BIN manipulation, Form/hidden field manipulation, Command injection, Insecure use of cryptography, Cookie poisoning, SQL injection, Server misconfigurations, Well-known platform vulnerabilities, Errors triggering sensitive information leaks, etc. For web applications, the OWASP (Open Web Application Security Project) guidelines are used for the assessment. All assessments are carried out using both state-of-the-art tools and manual testing methods.

Penetration Testing

Vulnerability Assessment

Methodology: This is a security audit; privileged access and administrator assistance are required for the configuration audit. It is performed directly on the system with physical and logical access. System configuration checking and vulnerability scanning are performed to find weaknesses, vulnerabilities and misconfigurations in the target hosts.

Deliverable

A detailed report listing the discovered vulnerabilities, weaknesses and misconfigurations, with associated risk levels and recommended actions for risk mitigation, will be submitted.

