Our security testing includes identifying all key vulnerabilities detailed below. Also shown below are our iterative process for security testing and a sample report.
Key Vulnerabilities in web applications include:
- Broken Authentication and Session Management (XSS)
- Cross Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Un-validated Redirects and Forwards
Popular tools used for Vulnerability scan include Qualys, Nessus, Burp and McAfee Secure.