Web-Application Security Testing Service - WAST

Comprehensive web-application security testing

Overview of Our Technical Process - E.D.I.T.E

Automated Testing - Proprietary, Open-Source & Commercial Tools

  • Information gathering modules identify the web-application environment, frameworks, dependencies & platforms.
  • Internal intelligence engine selects ideal tools for the web-application, which includes proprietary, open-source and commercial tools.
  • Data from various tools is collected, streamlined, cross-referenced and stored into the internal testing database.

Manual Testing - Web-application Mapping and Logic Testing

  • Web-applications are divided into core modules and functional areas.
  • Each module is thoroughly analyzed and reverse engineered to identify files, folders and parameters.
  • Data flow between components is mapped along with their logical relationships.
  • Expert consultants create test cases based on business concerns, pain areas and potential abuse scenarios.

Integration - Data Correlation and Cross-Referencing

  • Data from automated and manual testing is cross-referenced and correlated to establish a final list of issues.
  • Data is referenced from public & private sources to build rich issue profiles.
  • Expert auditors analyze the data and extract any key details that may not have been picked up automatically.

Reporting - Custom Developed with Detailed Fix Information

  • Experts manually document details, descriptions, proof of concepts and references specific to your web-applications.
  • Each module is thoroughly analyzed and reverse engineered to identify files, folders and parameters.
  • Step by step POCs and fix information helps your teams understand issues.