Banner Image

All Services

Other

Web Application Security Assessment

$135/hr Starting at $4K

Service Offering

We will perform a vulnerability assessment and penetration test of your web application(s). The test aims to provide senior leadership assurance that new and existing web applications are secure from compromise. These tests are usually performed as a program of ongoing testing, before a web applications release to production, or after a major service upgrade.

Whilst I am flexible I have found the best engagement model is as follows:

  1. Initial meeting to determine the exact scope, testing boundaries and key contacts.
  2. Gathering data and agreeing on a testing schedule
  3. Fieldwork and development of the initial findings register
  4. Initial clarifications and validation of the finding register with key contacts
  5. Draft report to release nominated senior leaders for comments
  6. Updates to report in response to comments from senior leaders
  7. Release of the final report to Senior Leaders
  8. Final exit meeting where the report can be discussed and final clarifications resolved.


The report usually takes between 1 and 2 weeks to finalize once the schedule has been agreed upon and depending on complexity and staff availability.

Testing is usually performed as both an authenticated (which will require a standard non-privileged user account and unauthenticated user and will usually cover the following areas:

  • Reconnaissance
  • Authentication & Session Management
  • Injection
  • XSS
  • XSF
  • Cryptography
  • Client-Side Attacks
  • Insecure direct object references
  • File inclusion vulnerabilities
  • HTTP Parameter pollution
  • Information Disclosure


Thank you for considering AssuredCyber Security and I look forward to speaking with you about your testing needs.


Best Regards

Tim Jackson

Principal Information Security Consultant

About

$135/hr Ongoing

Download Resume

Service Offering

We will perform a vulnerability assessment and penetration test of your web application(s). The test aims to provide senior leadership assurance that new and existing web applications are secure from compromise. These tests are usually performed as a program of ongoing testing, before a web applications release to production, or after a major service upgrade.

Whilst I am flexible I have found the best engagement model is as follows:

  1. Initial meeting to determine the exact scope, testing boundaries and key contacts.
  2. Gathering data and agreeing on a testing schedule
  3. Fieldwork and development of the initial findings register
  4. Initial clarifications and validation of the finding register with key contacts
  5. Draft report to release nominated senior leaders for comments
  6. Updates to report in response to comments from senior leaders
  7. Release of the final report to Senior Leaders
  8. Final exit meeting where the report can be discussed and final clarifications resolved.


The report usually takes between 1 and 2 weeks to finalize once the schedule has been agreed upon and depending on complexity and staff availability.

Testing is usually performed as both an authenticated (which will require a standard non-privileged user account and unauthenticated user and will usually cover the following areas:

  • Reconnaissance
  • Authentication & Session Management
  • Injection
  • XSS
  • XSF
  • Cryptography
  • Client-Side Attacks
  • Insecure direct object references
  • File inclusion vulnerabilities
  • HTTP Parameter pollution
  • Information Disclosure


Thank you for considering AssuredCyber Security and I look forward to speaking with you about your testing needs.


Best Regards

Tim Jackson

Principal Information Security Consultant

Skills & Expertise

IT Security OperationsPenetration TestingSecurity TestingVulnerability AssessmentWeb Application Security

0 Reviews

This Freelancer has not received any feedback.