Overview
Whether your organization develops enterprise applications internally or purchases them from third parties, you’ll know that a single coding error can create a vulnerability — a vulnerability that can expose your business to attacks and result in considerable financial and reputational damage.
Kaspersky Application Security Assessment helps:
- Prevent financial, operational and reputational loss by proactively detecting and fixing the vulnerabilities used in attacks against applications;
- Avoid business disruption and support a secure software development lifecycle by tracking down vulnerabilities in applications still in development and testing them before they reach users;
- Comply with various regulations, including government, industry and internal corporate standards, such as GDPR and PCI DSS
How it works
The Application Security Assessment is carried out by Kaspersky experts who have hands-on experience and a deep understanding of how various applications work, and who can analyze their functionality and business logic. This expert analysis is combined with various automation tools, analyzers, and scripts.
Applications
- Official websites;
- News portals
Intruder type
- User without an account;
- User without any prior knowledge of the application
Assessment approach
Black box – assessment without user credentials to reveal vulnerabilities available for an external attacker without any privileges:
- Check all the entry points and input parameters;
- Deep fuzzing and behavioral analysis;
- Identify application components (frameworks, plugins, libraries, etc.);
- Identify potential data leakage and fraud scenarios;
- Analyze management or debug tools and scripts
Related products
Penetration Testing
Practical demonstration of how an advanced attacker could breach a security perimeter of a targeted organization.
Kaspersky ICS Security Assessment
Comprehensive analysis of industrial environment and automation solutions to eliminate the risk of compromise of critical assets or processes.