Call Us: 619-684-9117
Risk Insights Blog

Application Penetration Testing

Expert security analysis services to uncover security vulnerabilities in your organizations critical web applications.


Overview

Confidence in the security of applications is critical for businesses today. Incidents involving the compromise of web based applications represent a significant risk for organizations that offer sensitive online applications. Organizations typically have firewalls and intrusion detection systems in place. Unfortunately, these protections do little to protect against the increasing threat of sophisticated web based exploits. As a result, organizations sensitive web applications are often wide open to attackers who have figured out thousands of ways to penetrate web based applications of all types.

Methodology

Risk Insights web application security assessment service consists of a sophisticated evaluation of your organizations online application. First, a complete discovery of the web site is performed, during which all pages, functions and links are identified. Next, a combination of attack scripts, heuristic processes and manual techniques are used to attempt to compromise the site.

Risk Insights web application assessment evaluates web based applications against numerous exploit types. The following web application vulnerability types are assessed:

Web Application Vulnerabilities
Parameter Injection
Command Execution
SQL Injection
Cross-Site Scripting
Directory Traversal
Abnormal Input
Parameter Overflow
Buffer Overflow
Web Package Identification
Absolute Path Detection
Parameter Addition
Path Manipulation
Path Truncation
Character Encoding
Character Stripping
Site Search
Application Mapping
Crawl
Proxy Support
Error Message Permissions
Client Certificates
State Management
Directory Enumeration
Web Server Assessment
HTTP Compliance
SSL Strength
Certificate Analysis
Content Investigation
Develop Comments

Qualifications

Risk Insights security engineers have extensive experience in the areas of web application penetration testing. Previous web application security assessments we have worked on include: online banking applications, ERP systems, and two-factor authentication systems.


Risk Insights engineers are actively involved with web application security organizations such as OWASP and the Web Application Security Consortium. Risk Insights has partnered with the leading developer of web application security software to further our capacity to efficiently detect and correct web application security issues.

Our Services

Our Company

Resources

----------------
© 2012 Risk Insights. All rights Reserved. Contact Us   Policies