WEB APP VULNERABILITY ASSESSMENT
What is a Web Application Vulnerability Assessment (WAVA)?
A WAVA involves looking at your website or web services to determine if there are any weaknesses that could be exploited by cyber criminals.
To do this, we use a combination of automated scans and manual passive testing which would not impact the performance of your web services.
If any weaknesses are found, we rate the risk that they pose to your business and can advise you on the next steps you can take with your internal IT team or an external partner to address them.
Who should have a WAVA?
Cyber criminals commonly run scans to look for known weaknesses in business websites or web services. A WAVA is therefore something all businesses with any online presence should consider.
What are the benefits to my business?
Reduces the chance that a criminal can breach your website and cause financial or operational disruption, protecting against loss of data, money, and time;
Provides you with reassurance that you are doing all you can to protect your customers, your supply chain, and your employees.
​
How much does it cost?
Each service we offer is tailored to suit the needs of the business we are working with.
Action | First Steps Web Assessment | Web Application Vulnerbility Assessment |
|---|---|---|
Report length | 1-2 pages | Extensive |
Report Detail | Overview | Highly detailed with an Exec Summary |
Broken Authentication | X | |
Software and data integrity failure | X | |
Security logging and monitoring failure | X | |
Server side request forgery | X | |
XML External Entities | X | |
Security Misconfiguration | X | |
Cross site scripting | X | |
SQL injection | X | |
Insecure Design | X | |
Broken Access Control | X | |
Vulnerable and Outdated components | X | X |
Sensitive Data Exposure | X | X |
Automated Vulnerability scan | X | X |
Reconnaissance / Enumeration | X | X |