Web Application Penetration TestDionach discover serious issues such as SQL injection and cross-site scripting in the majority of web application penetration tests that Dionach carry out. This is why ongoing and regular web application penetration testing is such a vital part of your defences.
Dionach will test your web site, extranet or intranet for application layer vulnerabilities. Your applications will be tested for information disclosure, privilege escalation, SQL injection, cross-site scripting, cross-site request forgery, access control issues, and other issues in an attempt to gain access to sensitive data or the network.
Dionach uses the OWASP top ten as a base for common security issues and develops test cases to build attack vectors specific to the type of application. We are also constantly updating our security database with new threats and attempts to gain access to sensitive data.
If the application requires login credentials then a test can be carried out first without credentials and then with credentials for users with different roles. The test can be done blind, without access to the source code, as an attacker would do, or with more information about the architecture or source code.
The report will provide an executive summary section with a non-technical explanation of the impacts and likelihoods of the more serious issues. The technical results section will list the issues with impacts and likelihoods and recommendations for resolution.
We prefer to meet our customers face to face where possible to discuss any issues discovered. A retest of an application following fixes will generally require significantly less time to complete, typically a day.
The main benefits of a Dionach penetration test are:
Contact us for a quote through our enquiry form or telephone us on 0845 225 5050.
