Let’s face it: many applications simply present database views to the internet. You need assurance that there’s not a back door into the whole dataset. Let us safely discover and mitigate flaws in your application. We’re the good hackers for hire.
Your clients, your employees, and your reputation could all be at risk. Penetration testing provides peace of mind that your web application is protected. You don’t have to be reactive to malicious intrusions. You can be proactive.
Our engineers have backgrounds in development. We understand and appreciate the time you have already put into your application. We can help you prioritize your next steps. Some will be immediate. Others can be spread out into your normal development schedule.
Security and Compliance Requirements
Some compliance frameworks require regular penetration tests of web applications: PCI DSS does so explicitly, and HIPAA and FFIEC guidance expect periodic technical testing as part of a risk management program. Alternatively, your organization's own security program may contain controls that require testing. Because we also specialize in compliance and assessments, our engineers can scope the test to the controls your assessor will ask about and report findings in those terms.
Dynamic Application Security Testing (DAST)
The DAST approach tests the application in its native running state, from the outside, without access to the source code. Automated scanning and manual testing probe for vulnerabilities an attacker could actually exploit. We start by looking at your application as an anonymous user, then as an authenticated user, and finally as an administrator or power user, so that authorization gaps between roles are found. Testing exercises the application through its exposed interface (the pages and the requests behind them), which is exactly what an attacker sees.
Static Application Security Testing (SAST)
The SAST approach looks for vulnerabilities in the source code and therefore requires access to it. Rather than observing behaviour, it gives a view of the application's inner workings, including code paths that a running-state test may never reach. Through this review we can also see what information is passed to integrated APIs and identify security or data-handling violations there.
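To make concrete what a static check looks like, here is an added example written for this page (not a tool we use and not client code). It parses a constructed Python sample with the standard library's ast module and reports every DB-API execute-style call whose query text is assembled at runtime rather than passed as a literal with bound parameters. The sample source, the sink names and the classification reasons are all assumptions made for the illustration.

```python
import ast

# Constructed sample source to scan; not real client or project code.
# Three query sites build SQL from their arguments; one is parameterized.
SAMPLE_SOURCE = '''
import sqlite3

def find_user(conn, name):
    cur = conn.cursor()
    cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
    return cur.fetchone()

def find_user_safe(conn, name):
    cur = conn.cursor()
    cur.execute("SELECT * FROM users WHERE name = ?", (name,))
    return cur.fetchone()

def find_by_id(conn, uid):
    cur = conn.cursor()
    cur.execute(f"SELECT * FROM users WHERE id = {uid}")
    return cur.fetchone()

def find_by_email(conn, email):
    cur = conn.cursor()
    cur.execute("SELECT * FROM users WHERE email = '%s'" % email)
    return cur.fetchone()
'''

# Method names treated as SQL sinks (DB-API 2.0 cursor methods); an assumption
# for this example, a real rule set would also cover ORM raw-query helpers.
SINK_NAMES = {"execute", "executemany", "executescript"}


def dynamic_reason(node):
    """Return why a query expression looks dynamically built, or None for a plain literal."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return None
    if isinstance(node, ast.JoinedStr):
        return "f-string"
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return "string concatenation"
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Mod):
        return "% formatting"
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format"):
        return "str.format()"
    # A bare variable or other expression: this rule does no dataflow, so it
    # flags conservatively and leaves the decision to a human reviewer.
    return "non-literal query expression"


def find_sql_sinks(source):
    """Return (line, reason) for each execute-style call whose first argument is not a literal."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call) or not node.args:
            continue
        func = node.func
        name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
        if name not in SINK_NAMES:
            continue
        reason = dynamic_reason(node.args[0])
        if reason is not None:
            findings.append((node.lineno, reason))
    return sorted(findings)


if __name__ == "__main__":
    for line, reason in find_sql_sinks(SAMPLE_SOURCE):
        print(f"line {line}: SQL query built with {reason}")
```

Run against the sample, the rule reports lines 6, 16 and 21 and stays silent on the parameterized query at line 11. The point is the one SAST makes in general: the concatenated query in find_user is reachable only if some caller passes attacker-controlled input, which a running-state test might never trigger, yet the source shows the flaw directly.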
Penetration Testing Checklist
With either approach, testing imitates an attacker. Some findings come from automated tools; others require a tester's understanding of how the application is meant to work and where it can be pushed off that path. Either way, we can prepare you. Here is a checklist of what we look for:
Logging and Monitoring
Does the application record security-relevant events (logins, failures, privilege changes, access to sensitive data) with enough detail to reconstruct an incident? Are those logs actively monitored rather than merely collected?
Authentication and Authorization
Is authentication enforced on every protected resource? Do authorization checks apply to each action a user takes, not only to the pages they can navigate to?
Sensitive Data Exposure
Does the application disclose confidential information? Is the environment (error pages, response headers, directory listings, source comments) providing information that could aid an attacker?
Input Validation
Are user inputs validated and sanitized on the server side? Does the application reject malformed input rather than passing it on to downstream components?
Output Encoding
Does the application enforce output encoding appropriate to the context in which data is rendered (HTML body, attribute, JavaScript, URL)? Is the output interpreted consistently by the browser and by intermediate components?
Defensive Filtering
Are there filtering mechanisms such as a web application firewall or request validation layer? Do they proactively defend against common web application attacks, and can they be bypassed with encoding or alternate representations?
SSL/TLS Encryption Analysis
Does the web server negotiate only current protocol versions and strong cipher suites, with obsolete ones disabled? Are certificates validated correctly on both the server side and, where client certificates are used, the client side?
Parameter Handling
Is parameter handling secure? Could the application mishandle authorization information carried in parameters, such as a user or record identifier that can be changed to another user's? Could server-side information mistakenly be sent to the user?
Application Logic Flow
Does the application enforce its intended logic flow? Could an attacker skip, repeat or reorder steps at will, for example reaching a confirmation step without completing the one before it?
Cross-Site Scripting (XSS)
Are there cross-site scripting vulnerabilities? Is user-supplied data encoded for the context in which it is rendered back to the browser?
SQL Injection
Does user input construct database queries? Can an attacker craft an input that changes the query's meaning beyond the programmer's intent?
Path Traversal
Do user inputs construct file paths? Can an attacker craft an input that escapes the directory the application intended to serve from?
XML External Entities and XML Injection
Does the XML parser resolve external entities or remote DTDs, allowing local files or internal services to be read? Is it possible to inject XML tags or modify an XPath query?
Certificate Validation
Are the application's certificates current, issued by a trusted authority, and issued for the correct host name? Does the application itself validate certificates when it connects to other services?
Integer Overflow and Bounds Checking
Are there inputs that produce values above or below the allowable integer range, and does the application detect them rather than silently wrapping?
Does the application perform proper bounds checking on lengths, offsets and array indexes?
Known Vulnerable Components
Are server-side and client-side components current and free of known vulnerabilities? Is there an inventory so that new advisories can be matched to what is deployed?
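Three of the checklist items above (SQL injection, path traversal and output encoding) come down to the same mistake: untrusted input becomes part of a query, a path or a page. The added example below, written for this page and not taken from any client's application, shows each vulnerable form next to its hardened form so the difference a test is looking for is visible. The database rows, the document root and the user and file names are all constructed for the illustration.

```python
import html
import os
import sqlite3
import tempfile


# --- SQL injection: user input constructs a database query -----------------

def make_db():
    """Constructed in-memory sample database; not real data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "admin", "s3cret"), ("bob", "user", "hunter2")])
    return conn


def login_vulnerable(conn, username, password):
    """Query text is built from the input, so a quote in the input rewrites the query."""
    query = ("SELECT name, role FROM users WHERE name = '%s' AND password = '%s'"
             % (username, password))
    return conn.execute(query).fetchall()


def login_hardened(conn, username, password):
    """Parameterized query: the driver keeps the input as data, never as SQL."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ? AND password = ?",
        (username, password)).fetchall()


# --- Path traversal: user input constructs a file path ---------------------

def make_docroot():
    """Constructed document root: one public file, one file that must stay private."""
    root = tempfile.mkdtemp()
    public = os.path.join(root, "public")
    os.mkdir(public)
    with open(os.path.join(public, "report.txt"), "w") as f:
        f.write("quarterly report")
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("db password")
    return public


def read_file_vulnerable(public, name):
    """os.path.join follows '..' and absolute paths straight out of the root."""
    with open(os.path.join(public, name)) as f:
        return f.read()


def read_file_hardened(public, name):
    """Resolve the path first, then require it to remain under the document root."""
    base = os.path.realpath(public)
    target = os.path.realpath(os.path.join(base, name))
    try:
        inside = os.path.commonpath([base, target]) == base
    except ValueError:          # different drives on Windows
        inside = False
    if not inside:
        raise PermissionError("path escapes document root: %r" % name)
    with open(target) as f:
        return f.read()


# --- Output encoding: user input is rendered into HTML ---------------------

def render_comment_vulnerable(comment):
    """Raw interpolation: markup inside the comment becomes part of the page."""
    return "<p>%s</p>" % comment


def render_comment_hardened(comment):
    """Entity encoding for element content; attribute and script contexts need their own encoders."""
    return "<p>%s</p>" % html.escape(comment, quote=True)


if __name__ == "__main__":
    conn = make_db()
    print(login_vulnerable(conn, "alice' --", "wrong"))   # the comment marker discards the password check
    print(login_hardened(conn, "alice' --", "wrong"))     # no such user, no rows
    public = make_docroot()
    print(read_file_vulnerable(public, "../secret.txt"))
    try:
        read_file_hardened(public, "../secret.txt")
    except PermissionError as e:
        print("blocked:", e)
    print(render_comment_hardened("<script>alert(1)</script>"))
```

The inputs used in the demo are the same ones a tester sends: a quote followed by a comment marker to truncate a query, a dotted path to climb out of the web root, and a script tag in a free-text field. When the hardened functions are in place those inputs return no rows, a refusal, and inert text respectively, which is the behaviour the checklist questions are asking about.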