Application security testing encompasses the use of manual and automated methods to detect internal and external threats and protect business applications and data, either in static or dynamic form.

 

This CREST/CISSP service, supported by Defendza (see Service Definition document), includes penetration testing of Firewalls, VLANS, networks, applications and Wi-Fi with remote connections.

 

Testing includes DNS zone transfers attempts, services enumeration, OS detection and build version fingerprinting, password attacks, firewall traversal attacks, email spoofing and mail/web/relay tests, back-door discovery and uploads.

 

Our Application security services include scoping, identifying, assessing the security risks of the application/software product and identifying & recommending the risk treatment plans.

 

Features

 

  • Attempts on DNS zone transfers for public IP addresses
  • Enumeration of services and Enumeration command support
  • OS detection and build version fingerprinting
  • Password attacks for public IP addresses
  • Firewall traversal attacks
  • Checks for anonymous access and file/folder privileges
  • Configuration files will be searched and access attempts
  • Email spoofing and mail/web/relay tests
  • Web crawls, method support and web directory enumeration
  • Upload and Input validation attempts

 

Benefits

 

  • Currency with CYBER latest threats ensures a high protection level
  • CREST/CISSP conformance ensures high standard of security
  • Comprehensive report enables pro-active protection interventions
  • Cost effective

Return to list of Service Definitions