Web Application Security : SPIguard Inc

By: Spiguard Security Solutions  09-12-2011
Keywords: web applications, Security Consultants, Penetration Testing

Web applications have become the primary vector for hackers, with more and more breaches occurring due to vulnerabilities in online applications. SPIguard can help ensure that your web applications are secure. We offer penetration testing and vulnerability assessment services that will uncover any vulnerabilities, allowing you to fix them before hackers find and exploit them.

The SPIguard Way

We know that your time is precious and your money, even more. We have a standardized approach to every engagement to ensure consistency and also to minimize the amount of time that you spend supporting our testing effort.

  • We will arrange a call or meeting to walk through your application and understand the functionality. Boundaries are defined and we let you know what to expect during testing.
  • You will fill out a discovery document that provides us with some initial information.
  • Areas of potential risk are identified. You will also have input into where you think the application should be the strongest and why.
  • We will then run an automated crawl to ensure that we have touched every part of the application.
  • We run automated tools to test your application to identify easy to find vulnerabilities.
  • Our experienced security consultants test the application manually to uncover hard to find vulnerabilities. They try and exploit issues identified during the manual and automated testing to ensure that the results are accurate.
  • We collect evidence of all identified and confirmed issues. Any critical issue that is identified is reported immediately to ensure that remediation can being immediately.
  • We take the results of both the automated and manual penetration testing and compile a consolidated custom-written report.
  • The report will detail all vulnerabilities uncovered during the testing process along with severity levels and recommendations for how to remediate each vulnerability that was identified.
  • We will present all findings to executives and key stakeholders
  • Our security consultants will answer all questions and explain the remediation advice provided in the report.

What Is Tested?

We test every component of the identified application thoroughly and cover all the areas such as:

  • Application configuration
  • Authentication and Access control
  • Data validation
  • Session security
  • Error handling
  • Information leakage
  • Application logic
  • Special tests that emphasise
    • Data compartmentalization
    • Sensitive data handling

The SPIguard Advantage

  • Our security consultants are world-class. They have years of experience developing web applications and performing penetration tests.
  • We use a proven testing methodology that incorporates a lot of manual testing and the best commercial/open-source testing tools.
  • We do not just hand over a canned report from the tools. Our reports are custom-written and contain information that is relevant to your organization.
  • You will have access to our security consultants who can advise you on the optimal solutions for your environment. At the end of every testing cycle, our consultants will go over all the identified issues with stake-holders from your organization.

Keywords: Experienced Security Consultants, Penetration Testing, Security Consultants, vulnerability assessment, web applications,

Contact Spiguard Security Solutions


Print this page

Other products and services from Spiguard Security Solutions


Network Security : SPIguard Inc

We review your network diagrams, determine which IP ranges are in-scope for the penetration test, provide an overview of our testing process, and discuss any special testing requirements. The report will detail all vulnerabilities uncovered during the testing process along with severity levels and recommendations for how to remediate each vulnerability that was identified.


SPIguard Certification : SPIguard Inc

SPIguard has taken its experience performing penetration tests and compliance assessments and come up with a certification service that ensures consistency and accuracy across platforms and architectures. The SPIguard CertifiedTM service verifies that your applications have been thoroughly tested and that you also have a secure application development methodology.


Security Services : SPIguard Inc

Hackers might be able to exploit misconfigurations of your network components or platform weaknesses to gain access to your network and steal your data. This where you most precious asset – data, trade secrets, etc – are stored. It is in your best interests to protect your infrastructure and network.