HomeEnterprise SecurityServicesKaspersky Application Security Assessment

    product-icon

    Service

    Kaspersky Application Security Assessment

    Uncover vulnerabilities in applications of any kind

    Get In Touch

    Download Datasheet (2 PAGES)

    Overview

    Whether you develop enterprise applications internally or purchase them from third parties, you’ll know that a single coding error can create a vulnerability – a vulnerability that can expose your business to attacks and result in considerable financial and reputational damage. New vulnerabilities can arise during an application’s lifecycle through software updates or insecure component configuration, as well as through new methods of attack.

    • Black-box testing

      Emulating an external attacker without prior knowledge of the application's internal structures and workings

    • Grey-box testing

      Emulating legitimate users with a range of profiles

    • White-box testing

      Analysis with full access to the application's source codes

    • Application firewall effectiveness assessment

      Testing with and without the firewall enabled to verify whether potential exploits are blocked

    Suitable for

    Case Studies

    Eхplore examples of Kaspersky Lab security solutions at work in the field

    VIEW ALL

    The Use

    • Kaspersky Application Security Assessment helps to:

      • Prevent financial, operational and reputational loss by proactively detecting and fixing the vulnerabilities used in attacks against applications
      • Save remediation costs by tracking down vulnerabilities in applications still in development and testing before they reach the user environment where fixing them may involve considerable disruption and expense
      • Support a secure software development lifecycle
      • Comply with government, industry and internal corporate standards, such as GDPR or PCI DSS

    • Vulnerabilities which may be identified:

      • Flaws in authentication and authorisation, including multi-factor authentication
      • Code injection (SQL Injection, OS Commanding, etc.)
      • Use of weak cryptography
      • Logical vulnerabilities leading to fraud
      • Client-side vulnerabilities (cross-site scripting, cross-site request forgery, etc.)
      • Insecure data storage or transferring, for instance, lack of PAN masking in payment systems
      • Disclosure of sensitive information
      • Other web application vulnerabilities

    • Results are detailed in a final report and include:

      • Detailed technical information on the assessment processes
      • Vulnerabilities revealed and recommendations for remediation
      • An executive summary outlining management implications
      • Verification of compliance with international standards and best practises
      • Videos and presentations for your technical team or top management can also be provided if required

    Let’s Start the Conversation and talk to one of our experts about how True Cybersecurity could inform your corporate security strategy, please get in touch.

    GET IN TOUCH