Application Security Assessment

Credentialed and non-credentialed vulnerability assessment and penetration testing of web-based, mobile, intranet, etc applications to validate security and protection against outside attackers, malware, privilege escalation and account hijacking.

Application Security Assessment Overview

The AppSA includes credentialed and/or non-credentialed vulnerability assessment and penetration testing of web-based, mobile, intranet, etc applications to validate security and protection against outside attackers, malware, lateral and vertical privilege escalation and account hijacking.

Testing covers injection (URL, SQL, LDAP, cookie etc.), authentication, session management, cross-site scripting, object/function access control, data exposure, misconfigurations, vulnerable components/frameworks/libraries, forged redirect/forwards, cookie security, hashing and more.

Notes: Testing assesses against OWASP Top 10 and beyond to ensure baseline coverage and more. For production systems, Illumant takes care not to run potentially destructive exploits.

Scoping

Vulnerability Analysis & Harvesting

Manual Validation & Manual Testing

Reporting & Analysis

Ready to get started?

SJULTRA is here to help, whether it be a basic security assessment, to large security projects.