What we do
We go beyond finding SQL injection and cross site scripting (XSS) and perform logic testing to find ways that attackers could defraud you. E-commerce websites have been known to allow users to purchase items for less than their advertised price or even credit their accounts.
The Security Bureau tests to the OWASP Top Ten but we go way beyond that. The exploitation of low risk vulnerabilities could be combined to result in the complete compromise of the application.
Our approach to your security test will depend on the information we gather at our project kick-off meeting with you. Typically, your testing will involve looking for exploitable vulnerabilities that would enable us to:
• Access restricted data
• Modify site content
• Change the value of goods and defraud you
• Gain additional system information and user privileges
Related
- What’s the difference between a penetration test and a bug bounty? - To stay secure and comply with regulations, businesses must regularly test their assets for vulnerabilities. There are several ways to
- Why financial services need penetration testing in 2020 - It’s that time of year again, where we try to shed the festive pounds and look to the year ahead.
- How to avoid ransomware in financial services - Travelex’s ransomware attack is an all too familiar story. An organization - large or small - falls victim to cybercriminals