Web Vulnerability Assessment

Assessment and Response for Web Service Security Vulnerability

Samsung SDS identifies web service vulnerabilities and provides responses to prevent potential security threats, backed by its accumulated know-how. Detailed tests are conducted to detect vulnerabilities, followed by response guidelines for the detected issues.

Overview

Major Assessment Criteria

  • Lacking Input Validation
    File upload/download vulnerability, SQL Injection, Cross-Site Scripting
  • Vulnerable Certificates & Access Control
    Admin page exposure
  • Improper Environment Setting
    Unnecessary method support, directory listing, default page, web server/WAS default password, FrontPage/WebDAV solution ban (limited to IIS)
  • Improper Error Handling
    System data exposure, error page undetermined
  • Exposure of Critical Data
    Exposure via unnecessary files, encryption not applied to critical data transfer
  • Other
    Unnecessary page, OpenSSL version vulnerability

Key Features

  • Review of 16 diagnosis items

    - Apply assessment criteria to minimize impact on service
    - Offer assessment result and response report (number of vulnerabilities, detailed information, etc.)
    - Free inspection of implementation after measures are taken on identified vulnerabilities (twice within 1 month after checkup completion)

  • User-Agent setting suitable for web service environments

    - Select according to user environments (e.g. Internet Explorer, Chrome)

  • Diagnosis schedule setting

    - Available 3 workdays after application

Pricing

  • Billing per number of diagnoses
  • Each diagnosis includes review of one URL