Software Development

securai_icon_grau_web-anwendungen

Penetration test for web applications

Application penetration test of a PHP application for the management of environmentally relevant measurement data.

assignment

The task

A customer produces web-based software, for the management of environmentally relevant measurement data. As the data is critical for the end customer, the software manufacturer wants to verify that no unauthorized access is possible. The Securai was commissioned to perform a web application penetration test.

assignment_ind

Our approach

The assessment starts after a preliminary discussion, which clarifies the aims of the penetration test. The experts of the Securai follow the OWASP Top Ten, the OWASP ASVS as well as an in-house checklist to systematically identify vulnerabilities in the application.

assignment_turned_in

Added value for the customer

It was possible to identify multiple vulnerabilities, some of which were critical. Among other things, an arbitrary remote code execution on the web server was discovered and the authorization management could be bypassed. The customer used the results to secure their software. The subsequent retest verified that the vulnerabilities were correctly closed.

More from our portfolio

Previous Post
Optoelectronics
Next Post
Automotive

Ähnliche Beiträge

No results found.

Menu