|
| Web Application Assessment |
|
| TransitNetworks Web Application Assessment Service helps organizations protect information-based assets from threats targeted at web applications. The main objective is to gauge the current controls over your web applications, and to assess the current state of the controls as compared to best practices. |
|
| The resulting report will incorporate all information security control area findings into a single application controls assessment document, with clear, concise, jargon-free findings and recommendations sufficient for risk management. TransitNetworks can also be engaged to provide services in support of implementing findings and recommendations. |
|
| Assessment Coverage Areas |
|
| Web Applications |
|
|
Injection flaws (e.g. SQL Injection) |
|
Cross-site scripting (XSS) attacks |
|
Broken access control (e.g. malicious use of user IDs) |
|
Broken authentication/session management (use of account credentials and session cookies) |
|
Insecure configuration management |
|
Improper error handling |
|
Insecure storage and transport |
|
Unvalidated input |
|
Buffer overflows |
|
Denial of service |
|
| |
| Operating System Vulnerabilities |
|
| Web Server Vulnerabilities |
|
| Database Vulnerabilities |
| |
