Today’s corporate environments offer in a great way significant interaction with the user through computer applications. Applications that are implemented in a company or organization are the gateway to a great deal of sensitive and critical information.
It is necessary to control that all web applications are developed in a secure way, since through them it is possible to skip other security mechanisms. In the software security audit, the object of protection is the applications and, by extension, the information they manage.
At Evotec, our security specialists will perform a series of intrusion tests to detect the level of internal and external security of the company’s information systems, determining the degree of access that an attacker with malicious intentions would have in order to guarantee the security of the application. With the audit we will evaluate the applications, contemplating technical aspects, legal aspects and according to the scope, organizational aspects
Our security test includes tests such as: Web Server Best Practices Analysis, SQL Injection, XSS (Cross Site Scripting) and others. We try to identify and correct these variables. Depending on the client’s needs, additional or more specific tests will be performed.
We have also implemented Web Application Firewall, to proactively protect unwanted attacks, in addition to detecting them and alerting on them.
Application Security Audit
Our Application Security Audit will help you understand and address the risks your business is exposed to by using applications. Upon completion of the project, Evotec will provide you with the following documentation:
- Executive summary: main summary of test results.
- Detailed report for each unit test: the tests carried out and the individual results of each test will be listed.
- Recommendations: the guidelines or recommendations will be listed to alleviate or avoid possible problems detected.