|
Website Security & Web Application Penetration Testing
Is your website vulnerable to data theft?
Security Pursuit's web application penetration testing services use non-disruptive ethical hacking techniques identify weaknesses in your application code and database layers which may be vulnerable to attack. Cross site scripting, SQL injection, and many other attack methods are used to find vulnerabilities in your website. Security Pursuit uses the latest in both automated and manual testing methods to find vulnerabilities that could be exploited.
Website security tests include the OWASP Top 10 Web Application Security Risks:
- Injection flaws
- Cross Site Scripting (XSS)
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross Site Request Forgery (CSRF)
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Unvalidated Redirects and Forwards
Once the initial web application security review is complete, you receive a detailed report with actionable steps to help improve your website's security posture. After your web development team has addressed the critical findings, we re-verify them to assure that the risks have been effectively mitigated. Upon completion of the assessment you are provided with a "clean bill of health" certificate PDF file and web icon for public display on your website.
Security Pursuit's web application penetration testing satisfies PCI DSS compliance requirement 6.6 (For public-facing web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks). The service provides you with a higher level of awareness about the security posture of your business-critical web applications.
| 
