Providing comprehensive Web Application Security Testing services.

The number of US businesses transacting on-line is at an all-time high. Whether it is on-line retailers selling direct to consumers, or businesses providing extranet type services to their trading partners, there is a growing trend to bring more and more functionality to the Internet browser. Elevate provides comprehensive Web Application Security Testing services. We provide Penetration Testing services that assess e-commerce, B2B and Cloud-Based services through to Web Service XML feeds and Mobile Device applications. Our team of consultants are industry recognized experts, developing both cutting-edge approaches for security testing as well as optimized mechanisms for securing your mission critical business data.

Elevate can provide the following Web Application Security Testing Services:

  • Web Application Testing (credentialed, non-credentialed)
  • Web Services Testing (APIs)

Web Application Testing

Web Server Tests are designed to assess all types of web server, ranging from static brochure ware websites to all-encompassing transactional e-commerce environments. Elevate focuses on looking at the application logic that has been built in to the website, and pays attention to any aspect of the environment that allows a user to enter input.

Web Server tests will assess an environment for server-side attacks such as SQL injection and Blind SQL injection. In addition, tests will assess an environment for client-side attacks, such as Cross Site Scripting exposures which could allow an attacker to manipulate the clients that access your infrastructure. Elevate will assess the design of a web infrastructure, including the use of cookies and logon forms, as well as the way in which data is encrypted, the way in which content is displayed, and the error messages that are displayed when invalid pages, commands or input is entered in to the environment.

Elevate can provide advice and guidance on how you can improve the security of your web application software. In many instance, we can provide software development services to fix application logic or write input validation controls to protect the environment from malicious Internet users.

Web Service Testing

Web services testing can be conducted both externally from the internet or Elevate can test internal web services on-site. Each of the major web services technologies REST, SOAP, Swagger, WSDL, WADL, OAuth 2.0, OpenID Connect, JSON, XML, and many more can be tested by our professionals. Web services security testing go beyond functional testing of making simple web services calls. Testers will use both automated and manual testing techniques to discover a wide variety of possible vulnerabilities.