Increased use of new technology to store, transmit, and retrieve information has undoubtedly made today's organizations much more efficient and agile than before. But it has also opened organizations to increased numbers and types of threats which ultimately lead to loss of reputation. It is no longer just an issue for IT managers as it affects the credibility of senior management.

These days Websites on the Internet act as your organization's face to the world. It provides multiple functions - from information dissemination to tendering for material and services. But there is a downside too. The websites can be attacked and de-faced by hackers causing embarrassment and loss of reputation of the organization.

CyberQ Consulting Pvt. Ltd., empanelled by CERT-IN and CCA, Govt. of India tests web-applications for safety. The testing is done over the Internet at a suitable site, where the Web Application will be provided by the Client for testing.

The methodology applied by CyberQ Consulting for Web Application Security testing is explained in the diagram below

One of the first steps of the penetration test is to identify the Web application environment, including the scripting language and Web server software in use, and the operating system of the target server. Then the application is tested for vulnerabilities, findings classified according to risk level and then a report prepared in a detailed manner.