Security analysis

Web Security has become a bigger problem in recent years as more and more sites are hacked every day. At interactive Digital Systems our service employs 60+ test scenarios during security analysis, plus assistance to resolve issues with sites already hacked.

services-security-cover


We deliver detailed reports for all our specialist security analysis work to allow you to focus on preventing attacks



The report contains:

  • Executive Summary Section
    This section is intended for business owners (not technical people) that briefly describes the analysis results, top of the list will be the most critical issues together with any calculated risks.
  • Technical Management Overview
    This section is intended for technical staff, it outlines the scope of the security analysis work, instruments that were used during the security analysis and our risk calculation methodology.
  • Assessment Findings
    This section contains a list of test cases that were checked against the site. Each test case will have a status (successfully checked or not). Every parameter on every page will be checked.
  • Screenshots
    All our findings will be demonstrated by screenshots, defined steps to reproduce and/or links on a dedicated video

Discovering vulnerabilities is important, but just as important is being able to estimate the associated risk to the business. That is why risk will be calculated for each found security issue. Each security issue will come with our recommended safeguards. We don’t give vague recommendations, the report will contain specific safeguards for each particular issue in the web system.

We can perform black box testing (when customer provides with minimal information about the web system), but analysing source code (white box testing) brings more results and is more effective.

We can’t give any guarantees that your system won’t be hacked, but we can guarantee that customers receive an objective assessment of security on their web systems that will allow predicting potential issues with their business.



check-listWidespread attacks that we check first…

  • XSS (Cross Site Scripting)
  • SQL Injection
  • Authentication Bypass
  • Insufficient Authorization
  • Weak Password Recovery Validation
  • Client-side Attacks
  • Shell Command Execution
  • Code Insertion/Execution
  • Information Disclosure
  • Path Traversal
  • Predictable Resource Location
  • Abuse of Functionality

speak-security-analysisSpeak to us about Security Analysis
+44 (0)113 859 1669

Other services


integration

Integration

development

Development

consultation

Consultation

user_experience

User experience

performance_tuning

Performance Tuning Analysis


Delivering ROI for clients worldwide