What we do
We go beyond finding SQL injection and cross site scripting (XSS) and perform logic testing to find ways that attackers could defraud you. E-commerce websites have been known to allow users to purchase items for less than their advertised price or even credit their accounts.
The Security Bureau tests to the OWASP Top Ten but we go way beyond that. The exploitation of low risk vulnerabilities could be combined to result in the complete compromise of the application.
Our approach to your security test will depend on the information we gather at our project kick-off meeting with you. Typically, your testing will involve looking for exploitable vulnerabilities that would enable us to:
• Access restricted data
• Modify site content
• Change the value of goods and defraud you
• Gain additional system information and user privileges
- What to consider when you’re requesting a penetration test… - There are a number of things to consider when requesting a penetration test, we've put together a list of factors