Security Audit

We need full access to code and HW infrastructure in order to be able to check the following items (and some more)

Site Injection

Broken Authentication and Session Management

Cross-Site Scripting (XSS)

Insecure Direct Object References

Security Misconfiguration

Sensitive Data Exposure

Missing Function Level Access Control

Cross-Site Request Forgery (CSRF)

Usage of Components with Known Vulnerabilities (ask us for the supported frameworks) 

Unvalidated Redirects and Forwards