Maze & Associates PCI Web Application Scanning (PCI-WAS) Service

alt

Web applications are structured in three layers. Typically, the first layer would be a Web server, the second would be a content generation technology tool such as Java servlets or ASP (Active Server Pages), and the third layer would be one or more compatible databases.
 
Web Application Scanning looks for a variety of vulnerability types within customized code that can consist of shopping carts, forms, login pages, and other types of dynamic content – all examples of Web Applications. 
 
Web Application Scan solution provides comprehensive capabilities to assess and track web application vulnerabilities across distinctly different web sites. The module includes the following features:

  • Profiles the target application to determine custom error behaviors and login forms.
  • Crawling algorithm that balances breadth and depth of links in order to obtain wide coverage of the target application.
  • Works with multiple character sets and internationalized text within HTML content.
  • Automatically authenticates to HTML forms and monitors its session state.
  • Combines pattern and behavior analysis to improve accuracy and reduce false positives.
  • Accurate identification of SQL Injection and Cross-Site Scripting (XSS) vulnerabilities.
  • Workflow for expert review and approval. 
 

LeapFile Secure File Transfer



For secure file transfer click here or on icon.

Latest News

Our Clients Include: Government Sector, Local government, Federal Government, Commercial Sector, Nonprofit, and Commercial.
Copyright © 2010 Maze & Associates. Designed by Purple Cow Websites.