Security Testing

With exploitation techniques and tools now easy to obtain, hacking has come within reach of amateur hackers, increasing the risk of exploitation manifold. Application security should be an integral part of the development process, and network, server and infrastructure security testing should be part of the project rollout strategy.

The majority of system exploits originate from internal sources. With hacking tools easily available, common exploits and practices have become public knowledge.
 
Security testing with the right tools, the right capabilities and the right partner is the value we bring to our clients. Our comprehensive security testing solution for the network, application, server and database layers helps secure the business against vulnerabilities at all levels and make it hack-proof.
Our continuous watch on global exploits helps our customers manage their infrastructure and prevent exploits against it.
Our security testing approach ensures compliance with standards, best practices and regulatory requirements such as:

• Open Web Application Security Project (OWASP) Top 10
• The Web Application Security Consortium (WASC)
• Payment Card Industry Data Security Standard (PCI DSS)
• International Organization for Standardization (ISO) 27001:2005
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes-Oxley Act (SOX) / Central Bank Regulations
• Family Educational Rights and Privacy Act (FERPA)
• Data Protection Act and many more…
 
The following are our primary focus areas for security testing:

• A1 – Injection: e.g., SQL injection
• A2 – Broken Authentication and Session Management: e.g., password / session token compromise
• A3 – Cross-Site Scripting: e.g., stealing cookies
• A4 – Insecure Direct Object References: e.g., access to objects such as a restricted file or directory
• A5 – Security Misconfiguration: e.g., source code access, account lockout setting not implemented
• A6 – Sensitive Data Exposure: e.g., failure to properly protect sensitive data, such as credit cards and tax IDs
• A7 – Missing Function Level Access Control: e.g., function-level access rights
• A8 – Cross-Site Request Forgery: e.g., stealing other users' identity
• A9 – Using Components with Known Vulnerabilities: e.g., vulnerable components such as libraries, frameworks and other software modules
• A10 – Unvalidated Redirects and Forwards: e.g., phishing or bogus sites not being validated
 

 
Consult us to learn how we can help in your area of interest.
  +91 22 4050 8200 sales@auditimeindia.com


Source: The Web Application Security Consortium (WASC)
 
 

















 
 

© 2014 Auditime, All Rights Reserved