Application Security Testingin San Francisco

Don’t let your applications be the gateway to cyber attacks.

San Francisco Computer Forensics offers highly cost effective application security testing which is a critical component for protecting digital assets. We find potential problems and offer realistic solutions quickly and within your budget.

The Application Threat

With the plethora of Internet applications we use every day to allow for on-line banking, bill pay, account and/or policy information which tie into a host of databases containing personal information, or corporate secrets, the hacking community has found attacking an application is often less complex, tempting them with the possibility of easier and bigger rewards. For instance, if hackers were to compromise a database through a company’s on-line store, they may be able to gain personal information, like billing addresses, credit card information or any number of personal information fields that easily allow for terrible consequences, like identity theft, credit card fraud or information brokering.

Be Responsible

Organizations that use ASPs (Application Service Providers) and don’t host their own applications, should be aware if the hosted application was tested. Once an organization decides to trust an ASP with its data, the diligent and prudent practice would be to have the ASP have the application(s) tested and supply a copy of the resulting report to the organization for review. This process allows an organization to thoroughly understand the risks and affords an opportunity to take appropriate measures.

What is Application Testing?

Application security testing lets you know, ideally before an application goes live, if it is vulnerable to compromise by an attacker from the outside, or from within. Is the application vulnerable to hacking, SQL Injection or Cross Site Scripting? Before you trust confidential customer data to an ASP, it is imperative you make sure the application was properly tested for vulnerabilities. GDF can test an application for vulnerabilities, help secure it and ensure your organization’s data is substantially more secure.

What is Tested?

Server Configurations
Session Management Security
Cookie Poising
Cross Site Scripting
CGI Manipulation
Buffer Overruns/Overflows
Weak Passwords
ACL Integrity
Command Injection
Forceful Browsing
Cryptography Configuration
Hidden and Form Field Manipulation
and more…

