Web application security assessments determine the application's risk as defined by its ability to maintain the integrity of data and business processes, uninterrupted availability of service, and confidentiality of customer data. Security Privateers examines the application with an established methodology that combines manual techniques developed from significant field experience, custom tools that improve the efficiency and accuracy of testing, and open-source tools.

A Security Privateers Web Application Assessment provides valuable input when assessing risks. Applying good IT risk management provides tangible business benefits, e.g., fewer operational surprises and failures, increased information quality, greater stakeholder confidence, reduced regulatory concerns, and the ability to create innovative applications supporting new business initiatives.

Statement of Work and Methodology

At the start of a project we consider the business threats and risks. Scoring is based on how critical the application or data handled by the application is for your business.

Map Regulatory Compliance Requirements

SECURITY PRIVATEERS will map data classification requirements, policies, and procedures to applicable regulatory and compliance requirements such as HIPAA/HITECH, GLBA, Sarbanes-Oxley, FISMA, FERPA, PCI, or other governmental or industry regulatory compliance as designated by Client.

External Penetration Testing

This component of the Web App Assessment consists of remote scans and tests generated from our remote operations center to determine whether known vulnerabilities can be detected in Internet-facing hosts.

Profiling the Application

  • Enumerate the Directory Structure and Files
  • Identify Authentication Mechanism
  • Identify Authorization Mechanism
  • Identify All "Support" Files
  • Identify All Include Files
  • Enumerate All Forms
  • Enumerate All GET Parameters
  • Identify Vectors for Directory Attacks
  • Identify Areas that Provide File Upload Capability
  • Identify Errors
  • Determine Which Pages Require SSL

Tests are performed to identify, at a minimum, the Open Web Application Security Project (OWASP) Top 10 vulnerabilities, including, but not limited to:

  1. SQL Injection
  2. Broken Authentication and Session Management
  3. Cross-Site Scripting (XSS)
  4. Insecure Direct Object References
  5. Security Misconfiguration
  6. Sensitive Data Exposure
  7. Missing Function Level Access Control
  8. Cross-Site Request Forgery (CSRF)
  9. Using Components with Known Vulnerabilities
  10. Unvalidated Redirects and Forwards

Web application tests are executed from three perspectives:

Anonymous User: The test is executed from the perspective of an anonymous user with no or minimal knowledge of the target system. Focus points include the user logon and authentication process, session management, and attempts to uncover other areas of the target application that may provide remote, unauthenticated, or unauthorized access.

Authenticated User: This test is carried out from the perspective of a normal user with a normal user's knowledge, so a set of valid user login accounts and passwords is required. The focus is on checking authentication and authorization controls and procedures, roles, and limitations such as time restrictions and potential contamination (assuming the access rights of another user, or viewing and modifying another user's data).

Administrative/Root User: The root user has full access to administer the application, add and delete users, and possibly change authentication methods. Activity under this account is tracked, both to record access and to prevent any malicious or destructive actions.

Click or call today to get more information. Contact Us / (877) 948-1289