Research indicates up to 70% of
websites have vulnerabilities which
could lead to theft of sensitive
information such as credit card data
or customer lists. We believe
regular vulnerability scanning is
critical to keep up with the rapid
pace of emerging threats. Our
scanning will provide historic
information such as a formal report
and recommendations to help you meet
regulatory requirements such as GLBA,
SOX, and PCI DSS among others.
Hackers are focusing their efforts
on web-based applications such as
shopping carts, forms, login pages,
and other dynamic content.
Since these applications are
accessible 24/7 from around the
world, insecure web applications can
provide access to backend corporate
databases.
Web
application attacks are usually
launched on port 80 or 443, go
through the perimeter or gateway
firewall appliances, and target the
application directly.
Generally, many web applications are
insufficiently tested and have
undiscovered vulnerabilities that
can be exploited by hackers.
Our scanning / testing includes:
-
Security testing of Ajax and Web
2.0 applications.
-
Advanced and in-depth SQL
injection and Cross site
scripting testing
-
Advanced penetration testing
using HTTP Editors and HTTP
Fuzzers
-
Testing pages with CAPTHCA,
single sign-on and Two Factor
authentication mechanisms
-
VISA PCI compliance scanning and
reporting
-
Multi-threaded website crawling
and mapping including flash
content, SOAP and AJAX
-
Web server port scans, and security checks against network
services running on the server
Certification Seals:
We
offer a website certification seal
validating the security controls on
the website after testing. The
certification process includes a
scan frequency report and
verification of a third party
certificate authority (CA) for any
SSL communications occurring on the
website.
|
