The service is designed to rigorously test the defenses of both internet and private networks and applications. It is suitable for commissioning, third party assurance, post-attack analysis, audit and regulatory purposes where independence and quality of service are important requirements.
A final written report provides an analysis of any security or service problems discovered together with proposed solutions, links to detailed advisories and recommendations for improving the security of the service under test.
ZZ Servers Penetration Testing service can be used to ensure compliance with PCI DSS v.1.2 requirement 11.3, (penetration testing) as it includes both internal, external, network and application layer testing.
Areas Covered by Testing
- Configuration errors
- Application loopholes in server code or scripts
- Advice on data that could have been exposed due to past errors
- Testing for known vulnerabilities
- Reducing the risk and enticement to attack
- Advice on fixes and future security plans
Typical Issues Discovered in an Application Test
- Cross-site scripting
- SQL injection
- Server misconfigurations
- Form/hidden field manipulation
- Command injection
- Cookie poisoning
- Well-known platform vulnerabilities
- Insecure use of cryptography
- Back doors and debug options
- Errors triggering sensitive information leak
- Broken ACLs/Weak passwords
- Weak session management
- Buffer overflows
- Forceful browsing
- CGI-BIN manipulation
- Risk reduction to zero day exploits
Have you said anything like this before? If so, contact us today:
- We installed our network ourselves and things aren’t working as expected
- Our wireless network is slow, and some users are complaining
- We take credit card and now we have to fill out complex paperwork
- What’s wrong with the internet!!
- I want to be ready for the future, what do I need to do?
- My current IT company is difficult to work with and is slowing us down.
- My web site is really old
- My office manager is overwhelmed and can’t fix the computers anymore
- I don’t know if office 365 is right for my business
- My medical practice is growing, and I need help with HIPAA compliance
- Should I be worried about ransomware and malware?
- What is the cloud!
Want to find out how we can help?
Does any of this sound familiar? Are you ready to find help? If so, contact us to schedule a free consultation.