Web Security

Shield, SplendorNet’s innovative Web Security Audit Service, is combination of Penetration Testing and Code Review Methodology. It is a process of evaluating the security of a Web system by simulating attacks and reviewing the code of the web application, the process involves an active analysis of the application for any technical flaws or vulnerabilities.

Tasks typically include:

  • Input validation Check

  • Source code design Check

  • Information leakage & improper error handling

  • Direct object reference Check

  • Resource usage Check

  • API usage Check

  • Best practices violation Check

  • Weak Session Management Check

  • Using HTTP GET query strings Check

The Web system is vulnerable due to web network weaknesses or logical programming errors. Under Shield, we run an audit on the system to uncover the vulnerabilities. We also provide consultancy on how to bridge these gaps. The Web Security Audit exercise is based on industrial standard such as Open Web Application Security Project (OWASP).

Web Security Audit exercise has two Phases of testing, during 1st Phase of testing the security gaps are identified in the system. We also provide consultancy on how to bridge these gaps that we have uncovered. And during the second phase of testing we recheck the system and get confirmation of gap removal from the system.

A Shield exercise will help any Web system to

  • Identify vulnerabilities along with corresponding countermeasures.

  • Mitigate Security Risk.

  • Provide Assurance to partners and user.

  • Identify security gaps