SERVICES
BUILDING OUR APPLICATIONS WITH SECURITY IN MIND
WILL REDUCE PROJECT COSTS AND BRING APPLICATIONS TO
MARKET FASTER
Is your site secure?

Be the first to know your software security vulnerabilities and risks.
Then we can help you on protecting it.
APPLICATION SECURITY TESTING


82% of all vulnerabilities pertains to Web applications and related technologies.
Cenzic Inc., "Web Application Security Trends Report Q3-Q4, 2009" (March 2, 2010)

Application security testing uncovers application level vulnerabilities that allow access, misuse, modification, destruction or disclosure of data from the application and cause its malfunction.



Probably you are reading this page because either you need your platform tested to prove it is secure, or it has already been hacked and you want help protecting it. You'll be pleased to hear that Maincheck can do the job for you.

We analyze and test your solution from a security perspective. The report we send you highlights all the insecure areas that need attention, along with advice on how to fix them. When necessary we can also help implement the fixes.

MAINCHECK incremental method in Application Security Testing ensures the best cost benefit ratio. We follow the directives of the "Open Web Application Security Project - OWASP", both in terms of methodology and in terms of recommendations for implementing measures to increase web application security.




The main activities of a typical application security testing project are:

  • Threat Risk Modeling
    A risk assessment is made by analyzing the application architecture and design. Typically, the "Risk Analysis" is performed during the design of the web application so that potential vulnerabilities are eliminated as soon as possible.
  • Application Vulnerability Scan
    Automated scans performed from the user’s perspective looking for web security vulnerabilities. These tests may or may not be intrusive.
  • Advanced Security Tests
    This group of tests complements the Application Vulnerability Scan with a source code manual analysis to know more about how the system can be attacked. Then, manual tests are made to simulate attacks and verify the potential vulnerabilities previously identified.