WEB APPLICATION ASSESSMENT
We will assess the security of the designated web applications, including the front-end, back-end, and underlying hosting architecture. Our approach to web application penetration testing is modeled around the Open Web Application Security Project (OWASP) testing methodology and therefore follows the current OWASP recommendations and best-practices. We built our proprietary testing methodology specifically around the OWASP testing guide as it is the definitive resource for web application penetration tests. Using this approach allows us to be creative in our approach while staying within a secure and proven framework.
Once an engagement is concluded, EAM Solutions Group will provide several types of reports and recommendations to our client’s based on the level assessment. The two reports are a detailed report and executive summary report.
From the detailed technical report, VET-Cyber teams will create an Executive Summary report for the non-technical audience. This report gives a high-level overview of the methodology used and includes numerous summaries and graphical representations describing the findings. This allows quick and easy access to the assessment results at any time. The summary report does not include remediation instructions, nor does it include any raw scan results.
Findings Meeting and Project Closure
After the completion of all testing, EAM Solutions Group VET-Cyber will conduct a findings meeting to present the findings and explain in detail to the customer. Senior management personnel will have the ability to ask any questions and make requests for changes to the final report, such as clarifying a finding or presenting the information in a slightly different way.