Web Application Security

While the adoption of Web-based technologies for conducting e-business has enabled organizations to connect seamlessly with suppliers, customers and other stakeholders, it has also exposed a multitude of previously unknown security risks.

If web applications are not secure, i.e., vulnerable to, at least one of the various forms of hacking techniques, then your entire database of sensitive information is at serious risk.

Some hackers, for example, may maliciously inject code within vulnerbale web applications to trick users and redirect them towards phisphing sites. This techniques is called Cross-Site Scripting and may be used even though the web servers and database engine contain no vulnerbality themselves.

Recent research shows that 75% of cyber attacks are done at web application level.

• Websites and related web applications must be available 24 hours a day, 7 days a week to provide the required service to customers, employees, suppliers and other stakeholders
• Firewalls and SSL provide no protection against web application hacking, simply because access to the website has to be made public – ports 80 and 443 must remain open to allow the web application retrieve, deliver and update the data residing within the database servers
• Web applications often have direct access to backend data such as customer databases and, hence, control valuable data and are much more difficult to secure
• Most web applications are custom-made and, therefore, involve a lesser degree of testing than off-the-shelf software. Consequently, custom applications are more susceptible to attack

Acunetix SiteAudit and Web Security

Acunetix SiteAudit is the new on-demand web security audit service that provides you with an immediate and comprehensive security audit of all off-the-shelf and bespoke web applications.

Performed by Acunetix web security consultants using Acunetix Web Vulnerability Scanner, Acunetix SiteAudit provides you with a full detailed report identifying the exact location of the weaknesses found within your web applications (including Javascript/AJAX applications, shopping carts, forms, etc.). The report will also contain a set of recommendations to help you fix the identified exploitable vulnerabilities.

With Acunetix SiteAudit, you can focus on what matters most - fixing these web vulnerabilities. Benefit from the advanced specialist experience of our web security consultants and eliminate the installation, hardware, administration and maintenance costs typically associated with purchasing and running software.

More information available at: http://www.acunetix.com/site-audit/