Designed for those companies with customized web applications exposed to the Internet, whether the application has been developed internally or outsourced, the Web Application Assessment is vital to ensure peace of mind and know these web applications are secure.
While security should be part of the development project from the start, knowing that the final product meets your organization’s risk tolerance is worth its weight in gold.
Most web applications interact directly or indirectly with critical databases, which are a key target for most malicious attacks. Understanding the vulnerabilities these applications have and working through the mitigation process will result in a more secure web application environment.
Our Assessment uses a variety of tool sets and tests that are designed to ferret out the most sophisticated web application vulnerabilities. In addition, general coding and configuration best practices are identified.
Web Application Assessments should be a regular and ongoing part of any Internet accessible web application development process, with a full assessment being performed annually and/or on each major version change.
Most web applications interact directly or indirectly with critical databases, which are a key target for most malicious attacks.
The 10-D Security Difference
- Our experience with critical and sensitive infrastructures of financial institutions and other clients gives us unique knowledge for safely and efficiently maneuvering in these environments.
- Our professionals have development experience and are certified.
- Our risk-based reports are prompt and easy to read.
Who Benefits from a Web Application Assessment?
This service applies to organizations:
- Utilizing a custom designed/built online application.
- With Personal Identifiable Information, Intellectual Property or other critical function, to protect.
- Regulated by GLBA, HIPAA, SOX or PCI.
The Scope of Work
The scope of our Web Application Assessment is straight forward and customized for each client and application. The following are some of the testing areas that may be performed:
- SQL Attacks
- Authentication Mechanisms
- Session Handling
- Cross Side Scripting