Web Security
Lock down your digital assets.
You wouldn’t leave your keys on the driver’s side front seat, windows unrolled, with your gold bars in the backseat now, would you? Much like your most valuable online tool (insert your web URL extraordinaire here), you wouldn’t leave any exposed digital areas vulnerable. We build security measures into every task, knowing full well that a piece of clean code without mechanisms for locking down your database is as strong as building a house with paper maché.
SECURITY AUDIt OPTIONS
Full Audit
A full audit includes everything from automated, manual, Malware, and penetration testing.
Automated
- Site crawlers: These tools are used to create lists of every page on a site. These lists are then used as a basis for pages to analyze.
- Code analysis: The pages found by the crawlers are each analyzed for known coding errors and possible security problems. These tools focus on the top vulnerabilities as presented by the OWASP 10. Additionally, custom module code is analyzed by automated tools to search for vulnerabilities.
Manual Site Review
- Our security analysts uses the page lists generated by the crawler as well as site navigation to search the site for possible malicious entry points.
- Code audit of all custom modules and other custom code are analyzed by a security professional manually.
Malware
- The site is scanned for any malicious code that may have been installed. This is accomplished via automated tools and a manual search of the file system.
- Penetration Testing is the active exploitation of any coding vulnerabilities found during automated and manual testing.
Penetration Testing
Penetration testing is the active exploitation of any coding vulnerabilities found during automated and manual testing.
Partial Audit
The partial audit can include any parts of the Full audit as desired by the customer. The most popular is to perform only the automated options as they require much less time and are therefore more affordable. These are a good option as they will generally find a high percentage of possible problems.
Recurring Audit
It’s a good practice to perform regular audits to ensure there have been no unauthorized changes or breaches and that no malware has been inserted into the site. The recommendation is quarterly, with a minimum of annual.
You lock up your bicycle. How much did you pay for that?
Consider the fact that 1,000’s of digital wolfs are trying to bust through your house. Did you build a straw house, a wood house, or a brick fortress? Chances are they don’t have a big cost difference, so why are you settling for a straw hut to put all your eggs into.
Still a bit curious as to why everyone’s talking about securing their website a bit more? We’ve done the math. It costs 7x more to retrieve or fix a hacked site than it takes to lock it down and secure it from the get-go.
Fill out this form to