Web Application Security Assessment
WASA is key to your protection from the Web
Automated and Manual Application Scanning
Manual Code Review with Security Specialists
What is Web Application Security Assessment
Web applications and Web 2.0 as an advanced way of business communications are popular targets for hackers. Web App vulnerabilities may occur serious challenges and have resulted in loss or theft of credit card information, serious damages to the organization's market position, public reputation or even image.
Elements
- Vulnerability and Risk Identification
- available for Windows, Linux, iOS or Android Web Apps also;
- Secure Development Consultancy
- including step-by-step risk remediation recommendations for each vulnerability
- OWASP Assessment and Compliance
- immediate recognition and remediation recommendations for the OWASP Top Ten vulnerabilities
Parallel with frequent change of Web Apps, Grayteq’s WASA service contains the package of recurring threat and weakness, mitigating the risk of becoming the next “Victim of Web Attack” headline.
Open Web Application Security Project
The Open Web Application Security Project (OWASP) is an all-volunteer group that produces free, professional-quality, open-source documentation, tools, and standards. The Open Web Application Project has compiled a highly regarded list of the top-ten security vulnerability categories.
The OWASP Top Ten is a list of vulnerabilities that require immediate remediation. Existing code should be checked for these vulnerabilities immediately, as these flaws are being actively targeted by attackers. Development projects should address these vulnerabilities in their requirements documents and design, build, and test their applications to ensure that they have not been introduced.
Learn more »
OWASP Assessment and Compliance
Grayteq provides thousands of checks for Web application vulnerabilities and includes testing for all items related to the Open Web Application Security Project (OWASP) Top 10 listed below:
| OWASP Top 10 |
Testing Requirement |
| A2-2010 |
Cross Site Scripting (XSS) |
| A1-2010 |
Injection (SQL, LDAP, and Xpath flaws) |
| A3-2007 |
Malicious File Execution |
| A4-2010 |
Insecure direct object references |
| A5-2010 |
Cross-site request forgery (CSRF) |
| A6-2007 |
Information leakage and improper error handling |
| A3-1020 |
Broken authentication and session management |
| A9-2010 |
Insecure cryptographic storage |
| A10-2010 |
Insecure communications/transport layer protection |
| A7-2007 |
Failure to restrict URL access |
| A6-2010 |
Security misconfiguration |
| A8-2010 |
Unvalidated redirects and forwards |
Contact us to speak with a security specialist about your Web Application Security Assessment project.
Learn more about OWASP in our Cyber Security Training Programs. »