Ensure that a Hacker Cannot Access Internal Data and Network Via Your Website!
What is a web application penetration test?
For web application penetration testing we put our hacker hats on and attempt to breach the security and identify vulnerabilities on your web site via the Internet.
A web application security assessment is the audit of choice for those who want to mitigate the security risk of putting a web site between the Internet and their data. Whether it's a new web site or an application that is being moved to a Software-as-a-Service (SaaS) or cloud environment, a web application audit identifies risk on your web site. Our expert engineers identify significant risk often missed by other firms and throw out the false positives to provide you with an actionable web application audit report with detailed recommendations that provide a clear path to mitigate your security risk.
We currently provide web application audit services in the U.S., Asia and Europe. Our clients include one third of the banks in California, casinos and enterprises ranging from small to Fortune 50.
What Questions Does Web Application Testing Answer?
- Can a hacker access my internal systems and data from the Internet, via my web application?
What are Some Common Objectives of a Web Application Penetration Test?
- Provide management with an understanding of the current level of security risk from web-based services.
- Provide recommendations and enough detail to facilitate a cost-effective and targeted mitigation approach.
- Create a basis for future decisions regarding IT strategy, requirements, and resource allocation.
What is the Web Application Penetration Testing Process?
Reconnaissance
Identification of the web server, platform, subcomponents, and compiled modules.
Enumeration
Evaluate the web server for configuration errors, software vulnerabilities, and sensitive data leakage.
Research and Evaluation
Here we ensure that the session management, authentication and authorization are appropriate to safeguard user data and segregate user roles. This includes:
- Cookies
- Session Management
- Encryption
Penetration Testing Analysis
Here we identify each area of user input and evaluate input filtering to determine whether malicious input can be injected, resulting in exposure of sensitive data through SQL injection, or account compromise through cross-site scripting, cross-site request forgery, etc.