Web Application Security Test

Identify vulnerabilities in a web application and its resilience to cyber attacks.

Improsec delivers an independent security test of a web application. Our in-depth technical tests will uncover vulnerabilities in the application, assess their impact and provide detailed recommendations on remediation.

Value

  • Identify vulnerabilities in a web application and its resilience to cyber attacks

  • Determine if the web application is developed in accordance with best practices

  • Recommendations on how to strengthen the level of security and how to harden the web application

Product

The deliverable of the analysis is a written report containing the following:

  • A non-technical section with an Executive Summary for management and decision makers

  • A technical section including detailed observations and tangible recommendations to improve the security level and hardening of the web application

Method

Our methodology is based on our extensive experience in security testing of web applications and is further supported by the OWASP framework and NIST guidelines for security testing. The methodology is designed specifically for web application testing and covers areas such as:

  • Information Exposure

  • Configuration and Deployment Management

  • Identity Management

  • Authentication Mechanisms

  • Authorization Mechanisms

  • Session Management

  • Input Validation

  • Error Handling

  • Cryptography

  • Business Logic

  • Client-Side Attack Vectors

The test is performed as a combination of creative manual test actions and automated scans.

Involvement

The delivery requires minimal involvement of your technical staff.