Security Testing – Application Assessment

Ransomware + Whitepapers + Case Studies | Arun R M | 17th August 2021

Background

👉 VAPT of Internal banking application

👉 Validating Source Code Review

👉 Security Hardening of API, Server, Source Code


SCOPE

✔️ Conduct Penetration Tests manually and automatically, and suggest countermeasures

✔️ Provide Server Hardening steps to counter Security attacks

✔️ Audit Source Code and point out Insecure functions and Vulnerable locations


TESTING SERVICES

✔️ Perform Penetration Testing on Cloud App (Manually & Automatically)

✔️ Perform Secure Source Code Review

✔️ Manually validate APIs integrated into the system

✔️ Provide Detailed Summary of Vulnerabilities identified

✔️ Assess Applications (Web, Database) across Protocols like HTTP/HTTPS, and identify vulnerabilities in Communication


KEY ACHIEVEMENTS

✔️ Interesting Vulnerabilities were identified through assessment across multiple interfaces, and Hardening Guidelines were provided


Sample Vulnerabilities

✔️ Sensitive Data

✔️ Web Interface Analysis

✔️ Crypto Secrets (Keys, Ciphers, Etc.)

✔️ Insecure Data

✔️ Insecure API

✔️ Untrusted References (URL/ Libs)

✔️ Reveal Credentials

✔️ Authentication

✔️ Insecure Configurations


Standards followed

OWASP, SANS, CWE List

Written by: Arun R M
