Security Assurance Testing

Is your website secure?! Have Security Assurance Testing been carried out on your website ?!

Created on a daily basis, websites are increasingly complex (specific functionalities, login, business transactions, dynamic content and confidential information) and in greater numbers, regardless of whether they are of particular content, institutional or a simple blog. Most present a contact form, a reserved area or login, newsletter subscription, among other elements, which in the worst case scenario can facilitate and encourage an attack.

REASONS FOR ATTACK

  • Websites with lots of hits
  • Public domain systems
  • Unsatisfied employees
  • Money

COMMON FAULTS

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Configuration Errors
  • Vulnerable components and cookie vulnerability
  • Invalid digital certificates (SSL)
  • Security headers
  • Loss of sensitive data
  • Authorization
  • Unsafe and direct reference to objects
  • Invalid redirects and forwarding
  • Local File Inclusion (LFI) and Remote File Inclusion (RFI)
  • Logical flow of the application
  • Cryptographic errors
  • Cross-Site Request Forgery

But it is possible to have a secure website by performing Security Assurance Testing, of course! These are intended to identify the security flaws of a software that is being run, to evaluate possible vulnerabilities in the applications and to simulate the navigation of the user of the environment (client, collaborator, supplier, service provider, among others).

Have a SAFE website now!

Previous