Testing Web Applications
Communication between a business, its customers and its staff is increasingly carried out via web applications. We can test any kind of web application, and give you a comprehensive review of any vulnerabilities and related risks.
We combine the latest automated tests with manual examination of your web applications, including a detailed analysis of any custom logic and code.
We test across the full spectrum of potential vulnerabilities, including the top ten threats identified by the Open Web Application Security Project (OWASP) :
- Cross site scripting (XSS).
- Injection flaws.
- Malicious file execution.
- Insecure direct object reference.
- Cross site request forgery (CSRF).
- Information leakage and improper error handling.
- Broken authentication and session management.
- Insecure cryptographic storage.
- Insecure communications.
- Failure to restrict URL access.