Web Application Penetration Assessment

Find vulnerabilities in your website

Next Steps:

Overview

The National Institute of Standards and Technology estimates that up to 92% of today’s vulnerabilities are at the application layer. Our experience shows that 9 out of 10 customers have at least one serious hole that could lead to disclosure of customer data or a total system compromise. Foundstone Web Application Penetration Assessment looks at a website from the perspective of a malicious hacker and finds the holes before they can be exploited.

Foundstone has led the field of web application penetration testing since day one. We published “Hacking Exposed: Web Applications” and continue to drive thought leadership in the industry with our latest book, “How to Break Web Software.” We will continue to integrate the service into our broader software security offerings to help our customers design and build more secure software.

We built and released many free tools to help automate some areas of testing, including SSLDigger, a tool to test the cipher strength and SSL configuration on web servers; CookieDigger, a tool to test the security strength of session cookies; and SiteDigger, a tool to determine if search engines like Google are exposing parts of your online presence.

The Open Web Application Security Project (OWASP) is the de facto reference point on the subject. Foundstone currently leads several key projects including creating a standard for testing criterion.

Key Benefits

  • Find holes in production websites before the hackers
  • Perform security quality assurance as applications move into production
  • Understand risks and the potential impact on your business
  • Rely on a detailed and well-established manual testing methodology for accuracy and effectiveness
  • Secure transfer knowledge of testing techniques, issues, and remediation

Methodology

We understand the significant limitations of automated testing tools like web application scanners, so almost all of our testing is performed and verified manually, using a well-defined, repeatable, and consistent methodology. We use automated tools in areas of the assessment only where they are proven to be accurate and effective (typically less than 5% of an engagement), and have sponsored an OWASP research project to benchmark the performance of such automated tools.

Discovery — We work with you to understand the business impact of various features, so that we can qualify and quantify the business risk of the vulnerabilities we find.

Assessment — To ensure that all vital areas are tested, and to ensure consistency and repeatability, we use a common security frame that includes:

  • Authentication
  • Authorization
  • User management
  • Session management
  • Data validation, including all common attacks such as SQL injection, cross-site scripting, command injection, and client-side validation
  • Error handling and exception management
  • Auditing and logging

Reporting and deliverables — At the end of the engagement, we produce a detailed, written report with an executive summary prioritizing findings and the impact on your business. Our individual technical findings all contain specific details and recommendations for mitigation.