At Prolifics Testing, we are experts in cybersecurity testing. Our offering involves a range of checks, such as penetration tests, application security tests, vulnerability assessments, and PCI compliance. These tests are frequently automated, and can be easily integrated into your development process to shift left through automated application security scans.
We begin our security testing engagements by carrying out a security test assessment. This involves threat modelling and examining user privileges, access permissions and analysing internal architecture. Following this, test scripts are built and the environment prepared.
Our application security scans are based on the OWASP Top 10, a list of the most serious security risks posed to web applications:
- Injection Flaws
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfigurations
- Cross Site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging and Monitoring
Throughout the process, our consultants make use of our internally developed Security Testing Accelerator to speed up test automation. With one touch of the button, our accelerator scans an application, locates potential vulnerabilities and generates a full report with recommendations for rectifying these flaws. This accelerator cuts out the need for expensive security experts, who often engage in lengthy and hard-to-implement analysis.
A typical security test takes approximately 3 weeks to complete, and can be carried out on-site (when restrictions allow), remotely, or offshore.