Web Application Vulnerability Assessment
Our Web Application Vulnerability Assessment has been designed to pinpoint your cybersecurity weaknesses & explain what they are to you. We’ll even provide potential mitigations to any risks that we identify! Think about it this way, the more you know, the more secure you can be and the more protection you’ll have against cyber criminals.
What Does a Web App Vulnerability Assessment Include?
Once the assessment is completed you will receive a report that includes:
-
Understandable descriptions.
-
The meaning of each weakness.
-
Risks associated with each weakness.
-
Mitigations for identified risks.
We use regional Police and National Cyber Security Centre intelligence. This makes us aware of the latest threats and techniques used by cyber criminals.
Based on industry best practice, this service will:
-
Assess your website and web services for any weaknesses.
-
Assess your website for the top 10 security risks for websites.
-
Attempt to identify vulnerabilities.
What Are the Risks With This?
Although we do our best to make sure that noticeable interactions with your system are kept to a minimum, issues stemming from poorly maintained or designed systems can cause outages during a Web Application Vulnerability Assessment. While we haven’t had an outage as a result of our testing process yet, it’s always better to be prepared.
How Do We Minimise This Risk?
Your business is our main priority, so we take all necessary precautions to ensure that you don’t lose business continuity as a result of our vulnerability testing. To mitigate this risk, we recommend that all website vulnerability assessments are supported by the client with backup and recovery plans. So you can have peace of mind knowing that your data is safe.
Whether we test on production or testing environments is up to you, it’s very rare that an outage would ever occur, and it hasn’t happened yet, but we’re happy to give you the choice to ensure your peace of mind.
Do We Have Any Other Recommendations?
To ensure that everything runs smoothly, we suggest making employees and those that need access to your website systems aware that the assessment is taking place – that way they don’t panic in the rare case that an outage does occur. It could also be beneficial to plan ahead with alternative ways for your employees to continue their projects.
The IASME Cyber Essentials Partner network can also provide additional support (e.g. full penetration testing). They are also certifying bodies for the Cyber Essentials and Cyber Essentials Plus schemes, & so can help you achieve these too.