Security/Vulnerability Testing

Our security testing includes identifying all key vulnerabilities detailed below. Also shown below are our iterative process for security testing and a sample report.
Key Vulnerabilities in web applications include:

  • Injection
  • Broken Authentication and Session Management (XSS)
  • Cross Site Scripting (XSS)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access Control
  • Cross Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Un-validated Redirects and Forwards

Popular tools used for Vulnerability scan include Qualys, Nessus, Burp and McAfee Secure.