Web application security

The problem 

Web applications are often the most vulnerable part of an information system. At the same time, due to their exposure on the Internet, they are usually the first target in an attack. According to the Web Application Security Consortium, out of 44,147 web sites tested in 2006, 85% had at least one vulnerability when tested.

As more organizations perform their business on the web, web applications are becoming their critical assets. Due to increasing complexity, those applications require more effort and dedicated, professional, testing to be secure.

The service

Due to high customer demand, INFIGO IS offers special penetration tests tailored specifically for Web applications. The objective of such a specialized penetration test is to reveal potential vulnerabilities or security flaws in a controlled environment.

The extent of the web application penetration test and the testing methodology are adjusted to the tested application and technologies used. All results are manually examined to ensure the highest possible quality and eliminate false positives.

INFIGO IS's experts use publicly available and proprietary, in-house built, specialized tools for web application testing.

Applications are tested for known and unknown vulnerabilities, including but not limited to SQL injection, Cross Site Scripting (XSS), file inclusion, command execution, code injection, input parameters manipulation, session management vulnerabilities, error handling etc.

The benefit

Client's web applications are thoroughly assessed through INFIGO IS's web application penetration testing program to decrease and eliminate chances of a successful web site attack. The results of the tests include detailed descriptions of identified vulnerabilities and recommendations for their removal.

contact 

• Security assesment
• Vulnerability scanning
• Penetration testing
• Web application security
• Security audit