Designed for institutions with customized web applications exposed to the Internet. Whether the application has been developed internally or outsourced, our Web Application Assessment is vital for peace of mind and for knowing that these web applications are secure.
While security should be part of the development process from the start, knowing that the final product meets your institution’s risk tolerance is worth its weight in gold.
Most web applications interact directly or indirectly with critical databases, which are a key target for most malicious attacks. Understanding the vulnerabilities these applications have and working through the mitigation process will result in a more secure web application environment.
Our Web Application Assessment uses a variety of tool sets and tests that are designed to ferret out the most sophisticated web application vulnerabilities. In addition, general coding and configuration best practices are identified.
Web Application Assessments should be a regular and ongoing part of any Internet-accessible web application development process, with a full assessment being performed annually and/or on each major version change.
The scope of our Web Application Assessment is customized for each client and application. The following are some of the testing areas that may be performed:
- SQL Attacks
- Authentication Mechanisms
- Session Handling
- Cross-site Scripting
The 10-D Security Difference
- Our experience with critical and sensitive infrastructures of financial institutions and other clients gives us unique knowledge for safely and efficiently maneuvering in these environments.
- Our professionals have development experience and are certified.
- We provide risk-based, concise, professional, and easy-to-read reports delivered promptly.
You would benefit from a 10-D Web Application Assessment if
- You are utilizing a custom-designed/built online application.
- You have personally identifiable information, intellectual property, or other critical functions to protect.
- You are regulated by GLBA, HIPAA, SOX, or PCI.