Web Application Penetration Testing, sometimes referred to as WebApp PenTesting, is the act of simulating an attack on or through a web site or internet application. WebApp’s are everywhere today and more and more attacks begin with a vulnerability in an internet facing website.
Today’s market is driving companies to produce web content at an alarming pace. It’s important to test these applications frequently; seemingly minute changes in the code can expose gaping vulnerabilities and allow attackers a foot-hold into your environment.
Depending on the security budget and awareness of your organization these tests can range from a simple scan for known vulnerabilities to a manual test searching for application and business logic flaws.
If your applications have never been tested or are tested infrequently we recommend starting with a semi-automated test. A PenTester at NBG Networks will run a scanner against your application and then manually test some of the controls that more frequently fail.During advanced tests, it’s often helpful if you can provide NBG Networks with the code for a code review or access to the server. Server access generally speeds up the process of reviewing a web application, while still accurately portraying an attacker. Your company has a limited time and budget to test these applications but attackers do not.
Please go to the Contacts Section if you would like additional information.