Strategic self defense against real time attacks.
Assess. Detect. Mitigate
CrystalTec’s Vulnerability Assessment provides comprehensive security risk analysis, combining web application coverage with network, operating system, and infrastructure exposure intelligence Our customer’s leverage CrystalTec’s cloud or appliance-based architecture, eliminating the high cost of deployment and maintenance associated with other solutions . Our Vulnerability Assessments’ is built on the world’s leading security risk management system. It provides a fully integrated and comprehensive view of all vulnerabilities and risks—from web applications to the IT systems supporting them.
Sample Vulnerability Tests
»Cross-Site Scripting (XSS) Vulnerabilities
Cross-Site Scripting vulnerabilities allow attackers to inject arbitrary HTML or other code into web applications and their served web pages, potentially compromising the security of a visiting client’s browser. CrystalTec dynamic testing for various types of persistent and non-persistent Cross-Site Scripting vulnerabilities to ensure that your web applications are not compromised.
SQL Injection vulnerabilities allow attackers to inject SQL commands through web pages, making changes to stored data or executing commands that were not intended by the application’s developers. Tripwire WebApp360 ensures that your web application will not permit code execution or changes to stored data without appropriate authorization.
»Web Page Implementation Flaws
Securing the production implementation of your web applications is just as important as the web application code itself. CrystalTec ensures that fundamental design flaws have not been introduced to your web applications during production implementation, such as password submissions via insecure input fields.
»Web Application Infrastructure
Web application security must take into account the web application itself as well as the underlying infrastructure such as web servers, operating systems, and adjacent applications. CrystalTec Vulnerability Scanner is the only solution that provides a real time, continuous security assessment of both web applications and their related infrastructure.
Contact us if you require any additional information on the services that we offer, or for a free no obligation systems security consultation.