fbpx
wave-1 wave-2

Security Testing

We test applications and systems for security.
Security Testing

Security Testing

No matter if you're worried about the security of a single application or a diverse system, our experts in the area of security cooperate with you to develop an individual plan that meets the needs of your application.
  • app verification
  • the improvement of the condition of security
  • continuing DevOps security programs and trainings
  • solutions adapted to your goals and to your budget.
S Security Testing

Catalog of Service

01

Risk assessment

  • Review of architecture of the application
  • The overview of the program code
  • The audit of the database
  • The testing of mobile applications
  • The evaluation of the infrastructure of WiFi and looking for fake points of access
  • The audit of rules of firewall security
  • The automated scans of infrastructure and modules of application
  • The audit of the control of SCADA processes
  • The evaluation of the level of security for IoT solutions, autonomous machines
  • The verification of external suppliers
  • Cloud solutions (Cloud Services)
02

Verification of compliance with standards

  • ISO/IEC 27000- 27999 (Information Security Standards)
  • PCI DSS (Payment Card Industry Data Security Standard)
  • GDPR: General Data Protection Regulation (GDPR)
  • The audit of the SDLC (Secure software Manufacturing) process
  • SOC reports
03

Protection of property and privacy

  • Social engineering
  • Access control audit
  • Control of the CCTV
  • Detection and analysis of Trojan and Malware attacks
  • Construction of the user?s awareness
04

Consultations

  • Evaluation of security procedures
  • Incident reporting mechanisms
  • Creation of restore procedures and security copies
E SAFETY TESTS

The sample description
of tested stages and areas

Risk assessment

Risk assessment

Security auditing

Security auditing

Penetration testing

Penetration testing

Attitude/policy assessment ? Posture assessment

Attitude/policy assessment ? Posture assessment

Security scanning

Security scanning

Searching for sensitive points - Vulnerability scanning

Searching for sensitive points - Vulnerability scanning

A sample description

Download
P WEB

Sample areas being the object of
WEB application tests

01

Collecting information

  • The techniques of social engineering
  • The detection of the server
  • The identification of entry points
  • The mapping of the architecture of the application
02

Management of configuration and installation

  • The configuration of network infrastructure
  • Searching for administrative access
  • Securing of sensitive files
  • HTTP methods
  • HTTP Strict Transport Security
  • RIA cross domain policy
03

Management of Identity

  • The outworking of definition of roles
  • The process of registration
  • The management policy of accounts
04

The process of the authentication

  • Testing the channel of data emission
  • The mechanism of password management
  • Bypassing authentication
  • Risk generated by the cache
  • The alternate channels of authentication
05

The process of the authorization

  • Directory/path traversal
  • Bypassing the mechanism of authorization
  • The escalation of permissions
06

Management of users? sessions

  • Bypassing the mechanism of session
  • Cookie attributes
  • Classified data display
  • Logout functionality
  • Dimming the session
07

Techniques of input validation

  • Manipulation of HTTP commands
  • Change of parameters
  • Injection attacks
08

Error handling

09

Weak cryptographic mechanisms

10

Customer susceptibility of the code

The models of the cooperation

Customer teams

The service is dedicated to the Customers having project teams. We give you the possibility to provide you quickly with the missing competences.

The teams at the headquarters of the B2Bnetwork

We can use our hardware and software. We implement the system that gives you the chance to make monitoring in a constant way.

The models of the accounting

Fixed - Price

The determined area of the project, the requirements, the time of realization and the price.

Time&Material

The budget of the project depends on the work needed to be carried out.

Time&Material with a limit

We determine the area of activities with a limit on the budget and the time of realization.
CTA

    Please check if we're able to help you in software testing.

    Please make an appointment with us for a short conversation of a few minutes and in the course of our meeting we'll prove together if the cooperation with us will bring any changes for your project.

    Have you got questions?

    Please contact us!