Application Threat & Vulnerability Assessment

The use of extranets and e-Business technologies opens organisations up to the outside world, and only through the effective use of security technologies can increased risks to company information assets be mitigated.

eSecure’s Application Threat & Vulnerability Assessment, also known as Application Penetration Testing, aims to provide an appraisal of the defences put in place to protect information assets from attack.

Application Penetration Testing

eSecure’s Application Penetration Testing aims to provide an evaluation of the defences put in place, not only at the network layer but also at the application layer. Many applications are developed using poor and insecure coding practices, resulting in the unrecognised exposure of an organisation’s internal data and resources.

eSecure’s application penetration testing is separated into two phases:

  1. Application Scanning and Profiling (Unauthenticated)

    Application scanning and profiling is considered one of the most important aspects of application penetration testing. Depending on the application, this technique can allow us to identify some of the application’s business flows and potential vulnerabilities in its business logic, typically ones that allow some form of authorisation bypass or privilege escalation.

    The primary objective of this phase is to gain an understanding of the application’s development and security architecture, to assist not only in determining ways to bypass the application authentication mechanisms and controls, but to assist in future phases of the application assessment.

    Areas of focus during this phase include identifying application component trust relationships, authentication and encryption mechanisms and policies, excessive information in application messages, code discovery, and other application misconfigurations that provide useful information to an attacker.

  2. Application Vulnerability Analysis (Authenticated)

    On completion of Application Scanning and Profiling, test user credentials are requested to provide authorised access to the application. Further profiling is undertaken with these credentials to extend and explore the information gathered in the previous phase, thereby gaining a greater understanding of the application’s functionality and architecture.

    Areas such as the application’s authentication, encryption, back-end interfaces and the implementation of the application solution will be assessed. Areas of focus and review include application parameter controls, authentication management, session management, XSS identification, SQL/XML injection, client-side caching attacks, replay and man-in-the-middle attacks, user request tracking attacks, file permission and service attacks, and other common privilege escalation attacks.