Once SecureState has received the URL(s) and credentials for the target application, the team will leverage an automated vulnerability scanner to crawl the application and identify known vulnerabilities. Common exposures include SQL Injection, Cross Site Scripting (XSS), and Remote File Inclusion. SecureState tests against the OWASP Top Ten, so you can be sure that the most recent and common web application vulnerabilities will be identified.
During validation, SecureState manually reviews the findings of the scan, and verifies each of them. This is done to confirm that any false positives are removed from the results, so that you do not waste valuable time or resources during your remediation efforts. The final deliverable will include detailed information and remediation steps for each vulnerability discovered during the assessment.
SecureState recommends performing Black Box assessments on a continual basis. This will ensure that as changes are made to the application, they are done in a secure manner, following industry-accepted best practices.