Every website vulnerability test is done black box. This means that I have no prior knowledge of any information regarding your site before an audit is performed. This approach simulates that of an actual attacker who may want access to your network through web page serving. I am able to perform complete security audits on all major content management systems such as Drupal and WordPress. After automatic scans are taken to check current security patches are implements, a manual penetration test will be undertaken to look for inappropriate web pages being serviced up, web server misconfiguration, and un-patched operating systems.
I also provide annual audits on your systems to make sure you stay prepared.
New cross-site attacks are introduced into the wild every day
so it is a good idea to stay ahead of the game. Contact me to discuss a preventative maintenance plan that suits your needs
Some of my clients use customized applications that either have been out dated and no longer have support. In these types of cases, thinking out of the box to provide added security levels is the best option on legacy applications. There might be cases where security was not considered. This is where a manual penetration test is essential to keeping organizational data secure. Some pen-testing companies use automated scanning tools, but these tools do not offer the customization required to stress test legacy or custom software. If you have off-site employees that log into your server to use company applications, you leave your network open to possible exploits that an attacker can quickly leverage to gain more access and privileges.