A web application assessment will test for many security issues which are commonly found in websites. A web application assessment focuses the entire test on the web application(s) that are being tested, rather than an all-inclusive test of running services that an external penetration test or internal penetration test would provide.
FortyNorth Security will assess your organization’s web application from different perspectives:
FortyNorth Security will conduct the web application assessment following the same steps that an attacker would perform. A sample set of these steps include:
All testing can be tied to the OWASP Top 10 project to ensure breadth of testing for your web application. FortyNorth Security will use both internally developed and commercially purchased software to assist in performing the web application assessment.
The web application assessment is designed for customers who wish to test the security of a web application prior to use by internal employees or your customers. The web application test should also be used to identify vulnerabilities or misconfigurations within web applications which are currently in use.