Security Testing



Security Testing Overview

In this era of seemingly nonstop waves of hacking, malware, and spear-phishing attacks, the new mandate is to have the right technology and security testing practices in place to detect and fix any security defects before the application goes live.

Need for Application Security Testing:

The need for security testing/vulnerability assessment of an application arises due to:

  • Common web attacks depicted by “OWASP (Open Web Application Security Project) top ten threats”
  • Patching or rebuilding application is expensive
  • Interaction between 3rd party code and custom business logic creates vulnerabilities
  • Organization are increasingly investing in infrastructure and using vendor provided PaaS and IaaS services.

Vmoksha’s security testing services ensure:

  •  Applications are secure against known and unknown vulnerabilities (Identity Spoofing, Illegal Access, Service attacks, Buffer Overruns)
  • Application data is secure and hack proof (Data Tampering)
  • Applications are compliant with all security regulations.

We use a combination of techniques and guidelines such as the following, to arrive at the right level of security testing required by the application under test.

  • Top 10 OWASP guidelines
  •  SANS guidelines
  • Manual code analysis
  • Tool based security assessment.



Some of the tools we have expertise in are:

Function Test Tools
Security Testing IBM Appscan, Burp Suite, Tamper Data, Live http Headers, HP Fortify, VeraCode, OWASP Top 10, N-Stealth, Hailstorm, Paros, SANS Top 20