The Web Application Vulnerability Assessment is designed to uncover weaknesses in your web application security environment, such as the web server configuration, application code and/or database server issues. Our tests and recommendations will allow you to optimize your company’s security stance and be confident that your web applications are protected.
OWASP TOOLS AND METHODOLOGIES
CipherTechs delivers its Web Application Vulnerability Assessments using customer-focused and best-practice-based methodologies. CipherTechs’ analysts, who are active project leaders in the Open Web Application Security Project (OWASP), will also leverage numerous OWASP tools and methodologies to include the OWASP Top 10 Web Application Security Risks to test the security of web applications.
TYPES OF WEB ASSESSMENTS
Web assessments can be performed from different perspectives:
- An unauthenticated assessment to discover flaws that might lead to possible disruption, disclosure or modification of the website.
- An authenticated assessment, which will test the website as viewed by normal authenticated users. This includes testing to verify that no escalation of privileges is possible and that user data is properly segregated.
- An assessment of administrative components of the web site can also be performed.
- Source code analysis of client code can also be performed.
Through their extensive testing experience, CipherTechs’ auditors are able to boil down the mass of raw data to essential points, devising a testing strategy and toolkit tailored to the client’s needs. Our auditors try to replicate actual hacker techniques through both automated and manual testing, ensuring a highly realistic simulation of an actual exploitation attempt.