Web applications are anything that can be access through a server. Web applications are so easily accessible online so any cyber-attack is most likely going to occur with your web applications. Here are some web applications that can be penetration tested:
- Online backups
- Websites CMSs and ecommerce sites
- Emails
Across the web applications there are an array of configurations that must be tested for vulnerabilities:
- Security Configurations
- HTTP Security
- Backdoors with code
- Internal Security
- Input validation
- Authentication
- Security Architecture
- Data Protection
- Output Encoding
- Error Handling and Logging
- Session Management
- Access Controls
- Cryptography
- Communication Security
Following a penetration test we recommend using a Web Application Firewall to protect your digital assets. At Blue Ocean Media we provide these for clients.