|
| Web Application Security Testing |
| |
| Through the years, IT managers and security professionals have learned to secure the network perimeter by installing and maintaining firewalls and other security appliances. Security professionals, however, have identified a new class of security vulnerabilities within web based applications. This new class of security vulnerabilities cannot be controlled by the firewall and must be addressed with proper application design and security testing. |
|
| XBOSoft has developed a robust web application security testing practice to highlight security issues within applications accessed via the Internet. We employ black-box security testing methodologies utilizing a variety of specialized application security test tools and classic functional security testing ( Click Here for Details ). |
|
| XBOSoft’s application security testing focuses on issues such as: |
|
| • |
Input checking and validation |
|
| • |
SQL insertion attacks |
|
| • |
Injection flaws |
|
| • |
Session management issues |
|
| • |
Cross-site scripting attacks |
|
| • |
Buffer overflow vulnerabilities |
|
| • |
Directory traversal attacks |
|
| Customer Benefits from Web Application Security Testing |
| |
| • |
Identify implementation errors that were not discovered during code reviews, unit tests, or security white box tests |
|
| • |
Discover potential security issues resulting from boundary conditions that were difficult to identify and understand during the design and implementation phases |
|
| • |
Uncover security issues resulting from incorrect product builds (e.g., old or missing modules/files) |
|
| • |
Detect security issues that arise as a result of interaction with underlying environment (e.g., improper configuration files, unhardened OS and applications) |
|
