Web Application Assessment:

The Web Application Assessment can include scanning, testing or both. The test provides a deep and detailed security look at an application which is of interest or concern to a customer.

The Web Application Scan service identifies web application specific vulnerabilities and assesses the security posture of selected web applications against the Open Web Application Security Project’s (OWASP) Top Ten common vulnerabilities.

The service looks for a wide variety of vulnerabilities such as Cross-Site scripting and SQL injection, service configuration mistakes and errors, as well as specific application problems.
The results of this analysis shall detail the risk exposure for an agency’s Web applications and demonstrate how vulnerabilities in these applications can be exploited.

Potential operational impacts for testing shall be reviewed and plans adjusted accordingly. Depending on web application accessibility, assessment activities may be conducted from Red Sea Information Security test facilities or onsite location. Suggested remediation actions to lower an agency’s risk exposure shall also be provided.