WEB SECURITY AUDIT
Ensuring security of public sector web-applications and web-portals against cyber intrusion.
We at Trigma are helping Government Agencies/ Departments in solving their web security related issues and ensure websites and related web-applications must be available 24 hours a day, 7 days a week, thus enabling organizations to connect seamlessly with citizens, businesses and other stakeholders.
As per the latest Cyber Intrusion trends released by CERT-In (Indian Computer Emergency Response Team of the Department of Information Technology, Govt. of India), for the month of August 2010, 36% incidents relate to Phishing, 27% for unauthorized scanning, 12% virus/worm under the Malicious code category and remaining 25% incidents related to technical help under the Others category.
Among the most serious vulnerabilities are path traversal, cross-site scripting, cross-site request forgery and SQL injection. Unmentioned are a newer threat, clickjacking, and a user interface issue called phishing.
Our ‘Web Security Consulting Service’ involves
- Internal web security audit: performed by experienced security professionals
- Facilitation of External web security Audit as per CERT-in Guidelines
- The service is designed to rigorously push the defenses of Internet networks and applications. It is suitable for commissioning, third party assurance, post-attack analysis, audit and regulatory purposes where independence and quality of service are important requirements.
Web Security Audit Process
Our web-security audit effectively helps assess and remove various Web Vulnerabilities of the following classes:
- SQL Injection
- Cross-Site Scripting
- Authentication & Authorization
- Buffer Errors
- Path (Directory) Traversal
- Web Browser
- Code Injection
- Information Leak/Disclosure
To learn more about our CERT-IN Web Security Guidelines Compliance services, get in touch.
