Web Application Testing
The Red-Team ethical hackers utilize a combination of automated and manual tests using the latest tools and techniques to ensure excellent coverage. Our aim is to identify all potential vulnerabilities during assessments; this includes the top ten threats identified by the Open Web Application Security Project (OWASP):
- Cross site scripting (XSS)
- Injection flaws
- Malicious file execution
- Insecure direct object reference
- Cross site request forgery (CSRF)
- Information leakage and improper error handling
- Broken authentication and session management
- Insecure cryptographic storage
- Insecure communications
- Failure to restrict URL access
All issues found during a web application assessment are documented in a comprehensive, easy to understand security test report. Each documented issue includes business risk and technical impact, examples of attack vector, screen shots and remedial action required. We also provide a free post test support service to ensure all issues are clearly understood and answer any questions that may arise.
