Web Application Security Scanning
Web Application Scanning
Web application security vulnerabilities usually stem from misconfigurations or programming errors in a web application programming language (e.g., Java, .NET, PHP, Python, Perl, and Ruby), a code library, a design pattern, or an architecture. These vulnerabilities can be complex and may occur under many different circumstances.
Web Application Scanning (WAS) enables organizations to assess, track and remediate web application vulnerabilities. Delivered on demand, the new service allows users to:
- Crawl web applications
- Identify cross-site scripting and SQL injection vulnerabilities
- Detect sensitive content in HTML based on user settings
- Conduct authenticated and non-authenticated scanning
Deliverables:
- Executive Report: A high-level snapshot of all existing vulnerabilities, activities and test results (Benchmarking with SANS Top 20, Qualys Top 20 and PCI)
- Detailed Technical Report: A comprehensive report that will include technical vulnerability findings, supporting detailed exhibits for vulnerabilities when appropriate, and detailed technical remediation steps.