What we do

We go beyond finding SQL injection and cross site scripting (XSS) and perform logic testing to find ways that attackers could defraud you. E-commerce websites have been known to allow users to purchase items for less than their advertised price or even credit their accounts.

The Security Bureau tests to the OWASP Top Ten but we go way beyond that. The exploitation of low risk vulnerabilities could be combined to result in the complete compromise of the application.

Our approach to your security test will depend on the information we gather at our project kick-off meeting with you. Typically, your testing will involve looking for exploitable vulnerabilities that would enable us to:

• Access restricted data
• Modify site content
• Change the value of goods and defraud you
• Gain additional system information and user privileges

Related

More articles

The latest from the security bureau

Cyber Threats: What to be aware of in Financial Services

Organisations in the financial industry hold a large amount of sensitive data on their customers which can make them a prime target to cyber criminals. The more sensitive the data the larger the target your organisation can become.

Dealing with Data Retention in The Finance Industry

We’ve been working with financial and insurance companies getting them in-line with the GDPR and we’re answering the most common questions asked are around data retention and the right to be forgotten.