Coolcat Inc Security Consulting Services
Web Application Security Audits
The rapid growth of web-enabled applications was followed by equally rapid growth in discovered web vulnerabilities, and the HTTP protocol became a hacker's easiest path into a corporate network. First, web application software is notoriously full of vulnerabilities; products such as IIS, ColdFusion, and PHP have a poor security track record. Second, much in-house and even commercially developed web software treats application security as an afterthought and is usually vulnerable to some type of attack, such as authentication bypass, SQL Injection or Cross-Site Scripting. Finally, attacking web applications is popular because it is often the easiest and most direct route to the internal network, since almost all firewalls are configured to allow inbound TCP traffic on ports 80 and 443.
Coolcat Inc is Here to Help
You can no longer ignore the security of your Web applications. Web applications collect personal, classified, and confidential information such as medical history, credit and bank account information and user satisfaction feedback. Additionally, if your organization is bound by legislation or industry compliance such as HIPAA, GLBA, PCI, or Sarbanes-Oxley to protect the privacy and security of personally identifiable information, and hackers can get at this sensitive information, you run the risk of being found guilty of non-compliance.
Coolcat Inc’s Web Application Security Audit will provide you with an overview of the effectiveness of the security controls you have in place to protect your web applications from attack. Coolcat Inc, in conjunction with the Open Web Application Security Project (OWASP), has developed a comprehensive framework for assessing the security of web-based applications.
This framework includes checks for:
Unvalidated Input Parameters
Broken Access Control
Broken Authentication and Session Management
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
SQL and Command Injection
Improper Error Handling
Insecure Configuration Management
Coolcat Inc will also provide remediation advice for the items discovered during the audit and ensure you understand their overall context within the framework of web application security. Coolcat Inc can also provide consulting services and work with you to fix problems and achieve compliance with government or industry regulations.
For those of you who want your staff to have a deeper understanding of Web application security, Coolcat Inc offers a Web Application Security Training course that teaches how to take an offensive approach to application security. The course teaches students how to attack and defend web-based applications using the same methodology as an external hacker. We focus on application layer security and teach students how to secure distributed applications by walking through actual application exploits.
Contact us to find out how Coolcat Inc can help you secure your web applications and keep your business running effectively.