As the Web evolves from the document model to the application model, it is becoming more database driven, complex, and dynamic. As such, we rarely ever see static sites built today.
Along with this increasing complexity, the number of exploits to compromise web sites have also increased. The onus is on the site operator or organization to shield their online properties, and their users, from malicious attacks. To do this, systematic auditing and assessment must be a part of your deployment and ongoing operational strategy.
Augmentum provides web security testing, consulting, and solutions to address common exploits, such as:
- Database Injections (PHP/JSP/ASP SQL Injections and XPath Injections)
- LDAP injection
- CRLF Injection (HTTP Response Splitting, session fixation…)
- File handling errors
- Cross-site scripting, cross domain form POSTs
- HTTP and HTTPs context switching