Web applications are anything that can be access through a server. Web applications are so easily accessible online so any cyber-attack is most likely going to occur with your web applications. Here are some web applications that can be penetration tested:
- Online backups
- Websites CMSs and ecommerce sites
- Emails
Across the web applications there are an array of configurations that must be tested for vulnerabilities:
Security Configurations
HTTP Security
Backdoors with code
Internal Security
Input validation
Authentication
Security Architecture
Data Protection
Output Encoding
Error Handling and Logging
Session Management
Access Controls
Cryptography
Communication Security
Following a penetration test we recommend using a Web Application Firewall to protect your digital assets. At Blue Ocean Media we provide these for clients.