Application Vulnerability Assessment

Application Vulnerability Assessment Information

Application Vulnerability Assessments are integral to a systematic and proactive approach to web security that reduces the risk associated with application-level attacks (e.g. Cross-Site Scripting, SQL Injection) and ensures compliance with relevant standards, laws and regulations.

Key activities include:

  • Leveraging an open-source or commercial application vulnerability assessment tool to discover known application security vulnerabilities; and
  • Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.

The predominant benefits realized by an Application Vulnerability Assessment are:

  • Quickly identifying configuration errors, default settings, coding errors, and patch management issues in an automated and economical fashion;
  • Being capable of running on an automated, regular basis to provide baseline and ongoing vulnerability management metrics; and
  • Being usable to focus Application Penetration Testing activities on those areas of greatest concern.

Because Application Vulnerability Assessments are fully “tool-based”, manual review of the findings by someone well versed in web application security is usually necessary to make the most of the output.

Application Vulnerability Assessments are best used:

  • As a quick and inexpensive means of assessing the risk associated with an application that is in operation but has not recently gone through a broader Application Security Assessment;
  • As part of an ongoing vulnerability/configuration management program, especially in support of demonstrating ongoing compliance with relevant standards/regulations;
  • To assess less critical applications (i.e. applications with a low risk profile) where the risk does not justify hands-on testing; and
  • As an information gathering mechanism to focus penetration testing or code reviews.

Application Vulnerability Assessment Options

Depending on client objectives and any request for attestation, we may employ various Application Vulnerability Assessment techniques aligned with those objectives.

The Investigative Attacker doesn’t have a lot of time, and doesn’t have a lot of tools, and may not even be targeting you specifically. He may stumble upon your external IP during a sweep and will pay you little mind unless you have an obvious security problem. Attackers that get in through a blank or default password on an administrative account are Investigative Attackers.

The Intentioned Attacker has more time, and a few more tools, than the Investigative Attacker. More importantly, she has intent. She wants to find a weakness in your network specifically. Attackers that get in by exploiting an unpatched vulnerability in an operating system or network service are Intentioned Attackers.

The Tenacious Attacker has time, tools, intent, and determination. He is willing to go the extra mile to make it past your defenses. He may even attempt social engineering to find a way beyond your perimeter defenses. He will do it quietly, though, and take care to go unnoticed. Attackers who convince your help desk to reset an account password for them are Tenacious Attackers.