Web Application and Penetration Testing reviews provide organisations with a real-world view of what malicious attackers could potentially do to and within their environments.
Few organisations can match the experience and expertise of Security-Assessment.com in this field. While automated tools have their place, nothing substitues for manual testing done by expert individuals.
Testing
Testing Type
Gaining unauthorised access to servers or devices
Obtaining sensitive information
Modifying data
Accessing another customers information and accounts
Accessing protected functionality without valid credentials
Modifying and manipulating data
Capturing another user's information
High jacking user sessions
Web Applications
Host and Network Environments
Wireless Networks
Host exploitation
War Dialing
Specific technologies including SCADA networks, telecommunications (eg; 3G networks)
The Benefits
Penetration and Web Application Security Reviews enable organisations to manage their enterprise security strategy by measuring the strength and effectiveness of;
Security Policies
Intrusion Detection systems and processes
Intrusion Response processes
Administration processes
Quality of system build and administration
Operational processes and procedures (e.g. server patching)
Application development security
Quality of operational and IT outsourcing partner security
Operating systems security
Web server security
Application code security
Back end database security
Internal network security
Access control effectiveness
Unintentional or intentional back doors
"Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks than those than make an equal investment only in intrusion detection systems"
Testing
