We help you remove security risks from vulnerabilities that are in your system such as SQL injection and cross site scripting by performing a vulnerability assessment of your web application.
This is a security assessment service for detecting vulnerabilities in web application such as SQL injection and cross site scripting. Vulnerability assessment is regarded as an effective and necessary measure for preventing illegal access and information leakage, which have affected many websites in recent years. Through vulnerability assessment of web applications, Ierae Security helps construct secure systems that are essential to web applications such as e-commerce sites and SNSs that handle private and sensitive information. We detect vulnerabilities without solely depending on automatic assessment tools, but rather using a method that combines tools and manual techniques where our security engineers comb the system from the viewpoint of an attacker for logic-related issues as well as issues that arise from the use of technologies that have become popular in recent years. Once the assessment of your web application is over, we compile a report detailing how to reproduce the vulnerabilities that have been detected and outline the best measures against security risks.
Preparations for a Web Application Assessment
We ask you to first specify the scope of web application assessment, after which we estimate the necessary workload.
We examine the structure of your system by studying its specification documents, interviewing your system representative, and accessing the actual application, in order to estimate the number of requests to be tested in our assessment.
We ask you to choose either a remote assessment that is conducted by accessing your system through the Internet or an on-site assessment where our security engineers visit a location from which the target application can be accessed. We then give you an estimate per request unit depending on your choice.
Performing a Web Assessment
We perform a tool-based assessment of the target web application as well as a manual assessment from the viewpoint of an attacker to detect flaws that cannot be detected by tools.
We perform a comprehensive analysis of the target system, to which tools are better suited, in order to detect vulnerabilities in your web application that are caused by wrong settings or a lack of security measures.
Our security engineers study the validity of the results of the tool-based assessment and examine assessment items that cannot be tested using tools, which all be done manually. It is sometimes the case with minor individual vulnerabilities that they create a large security risk when combined.
Submitting an Assessment Report and Proposing Measures to Improve Your Web Application
We report on the details of the risk assessment results, executive summary, and vulnerabilities that have been detected in your web application.
We report on the assessment results, and if one or more vulnerabilities have been detected, we explain how they may affect your business. We also propose measures that are recommended from the viewpoint of business operation.
We report on the details of the vulnerabilities, how to reproduce them, etc. We also outline what risks can arise from them and what countermeasures should be taken.
A Major e-Commerce Enterprise
A Major Telecommunications Company
In the report of the assessment results, we present the details, reproduction procedures, risks, and countermeasures for the vulnerabilities that are discovered, so that the client company can correct them quickly.
*Please request a sample report on the inquiry page. A representative will send them within two business days.
Please do not hesitate to contact us.
Wishing to solve security issues in your web services or apps and maximize profit? Please do not hesitate to contact us, as we will be delighted to help you.
Our highly experienced security engineers will test your system.