• Data (buffer overflow) & Database - SQL injection.
• User interaction - Cross site scripting.
• Authentication – risks, clear text.
Who Needs Web Application & Database Assessments??
Web application and database assessments are ideal for:
Web sites that interface with database systems Emerging and fast growing firms
Businesses concerned about security
Organizations in the financial and health care industries
Buffer overflow, SQL injections, cross site scripting, JavaScript, and other programming concerns
For many organizations, Web applications are the most vulnerable element of an organization’s IT infrastructure. As your organization uses the Internet for customer, supplier, employee, and vendor interactions, Web technologies and database interfaces become more complex and require additional security.
CCITA’s web application and database assessments are customized to your specific needs. Our assessments help your organization manage its risks, prioritize assets, resources, and identify issues before they result in down time.
We then emulated a hacker attack by using automated tools to launch a series of vulnerability attacks on each web site page. Our tools analyzed each page in an effort to identify weaknesses.
Traditional Protection
Since web sites need to be accessible by the public, security mechanisms must allow web traffic to communicate with database servers through web applications. As a result, firewalls and similar intrusion detection mechanisms provide little defense against knowledgeable hackers and full-scale web attacks.
Deliverables
Our deliverables include a report of our findings as well as recommendations, costs, and a prioritized Action Plan. The entire Work Plan takes from one week to as long as three months, depending upon the scope.
General IT Assessment
CCITA’s assessments identify the areas that deliver the most value for your organization. By identifying and quantifying IT related strengths and weaknesses, we deliver bottom line results. CCITA’s assessments include:
