Application security

Comprehensive Security Audit

Suitable for:
  • big and complex web applications and web sites
  • security critical web applications (e-shops, online casinos, Internet banking/insurance, ..)
Report size:
15-70 pages
Testing time:
2-4 weeks

The goal of the comprehensive web application / web server security audit to test the web application as thorough as possible (all forms, all kind of known vulnerabilities). The test strictly follows OWASP Web Security Testing Guide and it is very comprehensive.

It includes:

  • practical hacking demonstration of revealed critical vulnerabilities (own exploits coding, database dump, CSRF/XSS/session fixation demonstrations, ..)
  • one-day meeting with the application’s developers (presentation of the report, how revealed vulnerabilities can be exploited, how to fix the application and follow our security recommendations)
  • complete and strict the web application testing according to the OWASP Testing Guide
  • technical report with executive summary, all revealed vulnerabilities, risk levels and recommendations

Price: depends on the application complexity (number of forms, user inputs, user hierarchy etc).