The main purpose of a web assessment is to tell you where configuration and coding mistakes have been made in your application rather than the network protections that surround it. The main areas of testing will involve issues surrounding Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF, XSRF), SQL and code Injection . We adhere to the OWASP Top Ten (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project), a community-maintained list of the most serious web application vulnerabilities found in the wild. The level of exploitation during a web application is closest to a penetration test but often varies based on customer needs.
CBTS ReportingCBTS provides a detailed, customized report for our engagements. We provide a concise report that focuses on the actionable findings that are prioritized by severity along with associated recommendations for improvement. Every CBTS Information Security report contains the technical detail for Operations to understand and remediate plus a high level executive summary to effectively communicate the results to leadership. With CBTS security, you will have experts available to discuss all areas addressed and the specifics of each finding with you and your team to ensure you get the most out of our collaborative effort.
CBTS works on being our "partner" - going out their way to be accommodating to all of our requests. They’re always available to work with our management and technical teams to answer their questions.
Rick Grubbs - Sr. Director, Managed Cloud, itelligence