This is a detailed presentation of our web security suite - SECURITY-TESTING. It's a cloud based product, providing solutions under 6 modules - SERM, Scanning, Detection, Monitoring, Performance and Inventory. For more details please visit our website www.security-testing.net
2. Big 5 Data breaches in 2 years
www.security-testing.net
Ebay
Target
Sony
Anthem
AshleyMadison
80M
32M
47K
145M
110M
2013
2014
2014
2015
2015
Why do you need web security?
3. The threat is real and large
www.security-testing.net
Aug 2015 Statistics
7. SERM - Search Engine (Online)
Reputation Management
Art of using traditional SEO to move positive or neutral pages higher up in
Google
Maintains a positive image for your website
Helps identify where brand is slipping and fix it
Improve tagging and overall SEO experience
Improve overall brand value
www.security-testing.net
8. SERM - Info Guide
Alexa Backlink Analytic
Alexa Country Rank Analytic
Alexa Global Rank Analytic
Alexa Page Load Time
Blacklist Check
Domain Complexity
Duplicate Content Check
DW3C CSS Check
AW3C HTML Check
Website Analytic Information
W3C HTML Validation Analysis
Social Media Analysis
Indexed Page Analysis Checks
Providing SERM Grade
www.security-testing.net
11. Scanning
Secure and maintain your website and web applications against hackers
Advanced vulnerability testing techniques
In-depth Analysis
Audit security of your web applications
Plagiarism check, admin panel check & Email ID extractions
User friendly & Exhaustive reporting structure
www.security-testing.net
12. Scanning - Info Guide
Web Application Vulnerability Scanners, scan for known security
vulnerabilities such as cross-site scripting, SQL Injection, Command
Execution, Directory Traversal and insecure server configuration.
It helps you make an informed decision about the selection of on demand
Vulnerability scanning to meet your requirements
www.security-testing.net
14. Detection
Incorporates advantages of Penetration Testing and Vulnerabilities Detection
Utilizes extended Phish check, Extended Firewall check and Admin Panel
check
Phish Check - To check for fraudulent attempts usually made through Email to
steal personal info
Firewall Check - To Identify & Fingerprint the firewalls used in your domain
Admin Panel Check - To identify Admin panel of your domain
www.security-testing.net
15. Detection - Sample Reports
www.security-testing.net
Pro-actively scan websites for Malware using Cloud Scanning Technology
and get automated alerts and in-depth reports
17. Performance
Determines how a website delivers in terms of responsiveness and stability
under a particular workload
Can involve Quantitative tests, such as measuring the response time or the
number of MIPS (Millions of Instructions per Second)
Regular preventive Load Testing before technical changes maintains the
stability and performance of website
Without testing the durability and scalability of your website or application you
can never be sure that the correlation of all active components of your service
www.security-testing.net
18. Performance - Info Guide
Leverage Browser Caching
Minify CSS
Minify HTML
Minify Java Script
Minimize Redirects
Avoid bad Requests
Specify a Cache Validator
Minimize DNS Lookups
Minimize Render blocking resources
Use Legible Font Sizes
Prioritize Visible Content
Optimize Images
Main Resource Server Response
Mobile Performance & more
www.security-testing.net
21. Monitoring
Monitors internal (behind firewall), external (customer-facing), or cloud based
Web applications
Process of experimenting and proving that end users can interact with website
as anticipated
Often used by businesses to detect issues related to general internet latency,
network hop issues and to pinpoint errors
Load times, Server response times, Page element performance are often
analyzed and used to further optimize website performance
Helps you benchmark your website against the performance of your
competitors to understand where your website lacks
www.security-testing.net
22. Monitoring - Info Guide
FTP
SMTP
POP3
Active Sync
IMAP
DNS
SSH
Telnet
SSL
TCP
PING
UDP
Main Resource Server Response
Domain Name Expiry, SSL Certificate Expiry
and more
www.security-testing.net
23. Monitoring - Dashboard
www.security-testing.net
Reports include charts & Graphs. When an error is detected, alerts are issued via
EMail, SMS & Phone, that may include diagnostic info, such as Network Trace
Route, Code Capture of HTML file, Screenshot and even a video of website failing
25. Inventory
Inventory refers to all movable assets in your company that are part of the
network
Asset Management, Inventory Forecasting, Inventory Valuation, Inventory
Visibility, Future Inventory Forecasting, Physical Inventory, Available physical
space for inventory, Quality Management, Replenishment, Returns and defects
and Demand Forecasting are some of the key policies of many companies.
Management of inventories, with primary objective of determining/controlling
system levels within the physical distribution system, might turn out to be
critical for the functions to balance the need for website availability.
www.security-testing.net
26. Inventory - Info Guide
No of systems in N/W
No of systems in running services
No of systems in stopped services
Most used OS in N/W
Most used S/W in N/W
Most used Database in N/W
All device details are tabulated
Device Name & No of devices under this name
and description of the devices
All device locations are tabulated
Location name & No of devices in that
particular location
Description of location specific devices
All OS in network are tabulated
OS name of the device, no of devices using
same OS and it's description
www.security-testing.net