Aspire’s Web Application Penetration Assessment models specific threat scenarios in a real world environment. The assessment provides insight into methods of attack against a web-based portal or e-commerce application at a point in time. We model malicious attacks threatening the security of the product and conduct blind or informed attacks on a Web application supplied by the Client. We then use penetration techniques to attempt to undermine the security features of the application. Examples of Web Application Assessment tests include, but are not limited to, the following:
Key Service Components:
- Bypass authentication and authorization mechanisms
- Modification of data or data presentation
- Exploitation of inadequate input validation controls
- Escalation application privileges
- A detailed findings report, including a prioritized issue list and recommendations for remediation of discovered vulnerabilities, is provided as the project deliverable.