Web Application Assessment

SecureWorks Web Application Assessment Service helps organizations protect information-based assets from threats targeted at web applications. The main objective is to gauge the current controls over your web applications, and to assess the current state of the controls as compared to best practices.

The resulting report will incorporate all information security control area findings into a single application controls assessment document, with clear, concise, jargon-free findings and recommendations sufficient for risk management. SecureWorks can also be engaged to provide services in support of implementing findings and recommendations.

Assessment Coverage Areas

Web Applications

• Injection flaws (e.g. SQL Injection)
• Cross-site scripting (XSS) attacks
• Broken access control (e.g. malicious use of user IDs)
• Broken authentication/session management (use of account credentials and session cookies)
• Insecure configuration management
• Improper error handling
• Insecure storage and transport
• Unvalidated input
• Buffer overflows
• Denial of service

Operating System Vulnerabilities

Web Server Vulnerabilities

Database Vulnerabilities