What Are Web Application Security Risks?
Whether your web application is employee-facing, B2B or B2C, a level of trust is assumed when users are allowed to enter, navigate and use the application or its portals. Attackers can potentially use many different paths through your application to harm your business or organization. Each of these paths represents a risk that may or may not be serious enough to warrant attention.
Sometimes these paths are trivial to find and exploit, and sometimes they are extremely difficult. Similarly, the harm that is caused may be of no consequence, or it may put you out of business. To determine the risk to your organization, evaluate the likelihood associated with each threat agent, attack vector and security weakness, and combine it with an estimate of the technical and business impact to your organization. Together, these factors determine your overall risk.
The CyberHunter Approach:
CyberHunter begins all web application penetration tests using methodologies based on the OWASP Top 10 Most Critical Web Application Security Risks, the OWASP Testing Guide v4, the CWE/SANS Top 25 Most Dangerous Software Errors and the Penetration Testing Execution Standard (PTES). All testing by CyberHunter is performed manually by a human; we do not just "scan and patch" your systems. Although we are ethical hackers, during testing we employ tactics, techniques and procedures (TTPs) identical to those you would face from a real attacker.
Each web application is a different challenge, and each is tackled in its own way using a combination of industry tools, custom tools, manual input manipulation and outside-the-box thinking by our world-class testing team. The description below gives a generic overview of some of the areas that the tester will assess:
Enumeration / Reconnaissance – This exercise is a precursor to the actual penetration test and involves investigating the underlying servers and web applications for possible vulnerabilities and weaknesses that may be exploitable. Specifically, we are looking for misconfigurations, vulnerable software, weak credentials, and poorly coded software that a hacker could use to infiltrate a server or compromise the application.
Exploitation Testing – In this two-pronged test phase, CyberHunter will first look to exploit any weaknesses or vulnerabilities identified in the underlying servers and web application, with the objective of breaching them from a black-box perspective (i.e. with no credentials and no prior knowledge of the systems).
Next, we will use a blend of automated and manual exploration techniques (using login credentials if applicable) to test the application in much greater depth. In this stage, we are verifying whether a malicious end user operating in the portal can damage the reliability or integrity of the server, the application or the data residing in the systems. This is where the OWASP, CWE/SANS and PTES guides come into play. Testing can include high-level categories such as the following (the OWASP Top 10 2013 categories):
Injection (flaws and attacks)
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Security Misconfigurations
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
Known Vulnerability Testing
Unvalidated Redirects and Forwards
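To make two of the categories above concrete, here is an added illustration of what the tester is verifying for Injection and Insecure Direct Object References. This is example code written for this page, not CyberHunter's tooling or code from any client application; the table schema, the user and invoice rows, the function names and the request values are all constructed for the example. Each category is shown as a vulnerable handler beside its hardened form, with a check that replays the probe a tester would send.

```python
"""
Added illustration (not CyberHunter's code): Injection and Insecure Direct
Object References from the category list, each as a vulnerable handler
beside its hardened form. Schema, rows and request values are constructed.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory store with two users and one invoice each (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    conn.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner_id INTEGER, total INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "correct horse"), (2, "bob", "battery staple")])
    conn.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                     [(100, 1, 250), (101, 2, 9000)])
    conn.commit()
    return conn


# --- Injection -----------------------------------------------------------

def login_vulnerable(conn, name, password):
    """Builds the query by string formatting: attacker input is parsed as SQL."""
    sql = f"SELECT id FROM users WHERE name = '{name}' AND password = '{password}'"
    return [row[0] for row in conn.execute(sql)]


def login_hardened(conn, name, password):
    """Parameterised query: input is bound as data and never parsed as SQL."""
    sql = "SELECT id FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]


# --- Insecure Direct Object Reference -----------------------------------

def invoice_vulnerable(conn, current_user_id, invoice_id):
    """Looks up the invoice by the id in the request with no ownership check."""
    row = conn.execute("SELECT owner_id, total FROM invoices WHERE id = ?",
                       (invoice_id,)).fetchone()
    return None if row is None else {"owner_id": row[0], "total": row[1]}


def invoice_hardened(conn, current_user_id, invoice_id):
    """Ties the lookup to the authenticated user; other users' ids return nothing."""
    row = conn.execute("SELECT owner_id, total FROM invoices WHERE id = ? AND owner_id = ?",
                       (invoice_id, current_user_id)).fetchone()
    return None if row is None else {"owner_id": row[0], "total": row[1]}


def run_checks():
    """Replays the probes a tester would send and returns what each handler yields."""
    conn = make_db()
    payload = "' OR '1'='1"  # classic authentication-bypass probe in the password field
    return {
        # AND binds tighter than OR, so the vulnerable query matches every user
        "injection_vuln": login_vulnerable(conn, "alice", payload),
        "injection_hard": login_hardened(conn, "alice", payload),
        # bob (user 2) requests alice's invoice 100 by changing the id in the request
        "idor_vuln": invoice_vulnerable(conn, 2, 100),
        "idor_hard": invoice_hardened(conn, 2, 100),
    }


if __name__ == "__main__":
    for check, result in run_checks().items():
        print(f"{check}: {result}")
```

The vulnerable login returns both user ids for the bypass payload while the parameterised version returns none; the vulnerable invoice lookup hands bob alice's invoice while the hardened version returns nothing. A manual tester looks for exactly these differences in behaviour when manipulating input and identifiers in the portal.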
Reporting and Deliverables: