The Web Application Assessment can include scanning, testing, or both. The test provides a deep and detailed security look at an application which is of interest or concern to a customer.
The Web Application Scan service identifies web application specific vulnerabilities and assess the security posture of selected web applications against the Open Web Application Security Projects (OWASP) Top Ten common vulnerabilities.
The service looks for a wide variety of vulnerabilities such as Cross-Site scripting and SQL Injection, service configuration mistakes and errors, as well as specific application problems.
The result of this analysis shall detail the risk exposure of an Agency's Web Applications and demonstrate how vulnerabilities in these applications can be exploited.
Potential operational impacts for testing shall be reviewed and plans adjusted accordingly. Depending on web application accessibility, assessment activities may be conducted from Red Sea Information Security test facilities or onsite location. Suggested remediation actions to lower an agency's risk exposure shall also be provided.