Portal (www) Security Audit
An internet portal should work 24 hours a day, 7 days a week throughout the entire year. A lack of a working internet portal, even for a couple of hours, can equate to negative financial consequences and a poor corporate image. To prevent this, we carry out comprehensive audits and tests that verify the presence of the following:
- Injections (XSS, SQL Injection, LDAP Injection, XML Injection, etc.)
- Session management( Cookies, SSO, CSRF, etc.)
- Insecure Direct Object References (LFI, RFI, Path traversal, etc.)
- Security misconfiguration (old, backup and unreferenced files, Admin interfaces, etc.)
Infrastructure and network device security audits
Application security is one thing, the security of the devices being used by the applications is another. However, both are equally important. Security testing includes the scanning of any network device – eg. server, router, firewall, wireless access point – from the Internet or Intranet. In summary, after the test is completed, the client receives a detailed report of device vulnerability and recommendations for repairing those errors and eliminating threats.