Home : Services : WAT  
Featured Services

Web Application Testing (WAT)

Do you rely on web to do your business? Are you aware that flawed code and vulnerabilities make a hacker's job easier?

Our WAT allows the web application to be rigorously tested under conditions designed to focus on where the application gets information, how that information is processed, what effects does the information has on the underlying data, etc.

Our WAT starts by first crawling the entire application to gather more information about the application. This is then followed by an automated flaw injection testing. At this stage, common application bugs like XSS and SQL could be uncovered. Subsequently, manual validation and fine-tuned testing is performed to further uncover any holes that could not be reported by the automated tools.

Our WAT is suitable for commissioning, third party assurance, post-attack analysis and audit where independence and quality of service are important requirements.

Web Application Testing covers:

  • Configuration errors
  • Application loopholes in server code or scripts
  • Testing for known vulnerabilities
  • Reducing the risk and enticement to attack
  • Advice on fixes and future security plans

Typical issues discovered in an application test include:

  • Back doors and debug options
  • Cross-site scripting
  • Broken ACLs/Weak passwords
  • Weak session management
  • Buffer overflows
  • Forceful browsing
  • CGI-BIN manipulation
  • Form/hidden field manipulation
  • Command injection
  • Insecure use of cryptography
  • Cookie poisoning
  • Risk reduction to zero day exploits
  • SQL injection
  • Server misconfigurations
  • Well-known platform vulnerabilities
  • Errors triggering sensitive information leak

Deliverables

Each finding has a corresponding recommendation for corrective action. Reports are concise, and describe what is wrong, why it is a problem, and how it can be fixed. The summary report presented will be highlighting:

  • Application under test
  • What are the vulnerabilities
  • Details of the Vulnerabilities
  • Impact of the vulnerabilities
  • Recommendations on what to do

Want to know more? Contact us now

Vulnerability Assessment (VA)

Penetration Testing (PT)
Security Infrastructure Test (SIT)
Vulnerability Assessment (VA)
Vulnerability Assessment is an exhaustive methodology that ferrets out the weaknesses and deficiencies, from a security standpoint, in any given system. more
   
Penetration Testing (PT)
Penetration Test is the active analysis of networks and their components for security weaknesses, technical flaws and vulnerabilities. more
   

 
   
Home About Us Products Services Training Contact Us
© Copyrights 2006 Senturions Technologies Pte Ltd. All rights reserved.