What is an Architecture Assessment?
Architecture Assessment is a comprehensive application audit performed through the use of automated tools, manual penetration testing, code review, and application architecture review. The depth and breadth of the audit can vary by the specific scope and requirements for the audit. The goal of the audit is to identify application logic, configuration, and software coding flaws that jeopardize the security of the application.
Why do you need an Architecture Assessment?
Implementing a network security ecosystem is only half the battle. The other half is assurance in your implementation. In 2011, 4,106 vulnerabilities where added to the National Vulnerability Database maintained by the National Institute of Standards and Technology (NIST, http://nvd.nist.gov). Of these, 3,840 (93.6%) where classified as Medium or High risk. This is only software flaws and does not include misconfigurations. iSecure offers tailored vulnerability assessment solutions that provide up-to-date reports and a complete path to full remediation.
Our security engineering team maintains a deep technical knowledge-base of modern web security threats. A Web Application Assessment from Cyber 1 Systems will be more than a scan from an automated tool. Our engineering team understands web technology and will perform web penetration testing that just can’t be done with an automated scanning tool.
Web Application Assessments performed by Cyber 1 Systems are based on the process and methodologies from the OWASP Web Application Testing Guide and the OWASP ASVS 2009 standard. These industry-recognized methodologies in addition to the experience and knowledge of Cyber 1 Systems engineering staff provide a comprehensive and repeatable testing framework that will provide confidence in the security of your website.