[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More
Experts Exchange Solution brought to you by
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Web Application Penetration Test
How many web applications are being assessed?
How many login systems are being assessed?
How many static pages are being assessed? (approximate)
How many dynamic pages are being assessed? (approximate)
Will the source code be made readily available?
Will there be any kind of documentation?
If yes, what kind of documentation?
Will static analysis be performed on this application?
Does the client want fuzzing performed against this application?
Does the client want role-based testing performed against this application?
Does the client want credentialed scans of web applications performed?
Good penetration tests do not simply check for un-patched systems. They also test the capabilities of the target organization. To that end, below is a list of things that you can benchmark while testing.
Ability to detect and respond to information gathering
Ability to detect and respond to foot printing
Ability to detect and respond to scanning and vuln analysis
Ability to detect and respond to infiltration (attacks)
Ability to detect and respond to data aggregation
Ability to detect and respond to data ex-filtration
From novice to tech pro — start learning today.
Premium members can enroll in this course at no extra cost.