Security Vulnerability Testing

33% of UK businesses and 66% of large businesses had at least one serious security breach in the last year (source DTI Security Survey 2004).

The growing importance of web based e-commerce systems to businesses has not been matched by the recognition of the importance of security.

Penetration Testing that addresses the security of the network layer is widely utilised and well understood in the Testing marketplace. Less well understood is the growing menace of hacking by using web applications. Why hack the difficult and well-defended application layers when you can join and get a password that gets you full access?

Vanguard offers both penetration and web based security testing to offer complete Brand Protection.

Vanguard Brand Protection Web Application Testing

According to a recent Gartner report on security issues, 70% of all hacking attacks now occur at the application level. Recent interest and developments in security and hardening of the Network Layer have made it increasingly difficult for hackers to penetrate at this layer. Firewall Systems, SSL Encryption, IDS Systems, Strong Authentication and other implementations have made it so hard for hackers that other routes have become attack routes of choice.

Web-based applications have fundamentally changed the risks associated with traditional client-server applications as hackers can now see all the parameters used in server-side code - enabling them to bypass client-side validations.

This can result in hackers obtaining full control and access to information, modifying the content of the pages, hijacking transactions leading to privacy breaches and e-shoplifting - or even deleting or making the site totally unavailable.

Vanguard-Brand Protection can be booked with 24 hours notice on the subscription service or 72 hours as a one-off test. The service covers ALL the possible application based security problems. No capital expenditure is required and no purchase of software is needed. The automated approach of Vanguard-Brand Protection generates a large volume of test cases (as many as 100,000 for a complex application) and then applies them. Results are available immediately. The test cases are stored and form a considerable test asset. Re-test after further development is therefore very simple.

Deliverables

• Web Application Testing delivered 24/7 on demand
• Subscription or On-Demand service as required
• User defined templates of areas of application to be tested
• User control of testing requirements with zero software and hardware costs
• User modification or creation of test templates at any time
• Significant test asset delivered to client for future use

For more detailed information