Web Application Testing

Are your web-enabled applications the weakest link in your "information security chain"?

Web-born Threats to Your Data

"Cloud Computing", "Web 2.0" and web-based applications in use today introduce a wide range of vulnerabilities. It can be difficult to tell which of these web-based offerings are secure.

DDI provides a Web Application Analysis Service to ensure web-based applications do not introduce vulnerabilities that place corporate or customer data at risk.

Discovering Web-Based Risks

The DDI Web Application Analysis Service (WAAS) provides comprehensive web application testing exposing potential vulnerabilities in internally developed and third-party web applications.

Features

DDI WAAS provides...

External and Internal Web Application Penetration Testing
Robust Executive and Technical Reporting
Secure Workflow Management Portal
Remote Service Delivery
Industry Standard Testing Methodology
Quality Control of Results Reporting

In-depth and Focused Test Methodology

Stage one of the DDI WAAS utilizes a variety of sophisticated and automated software tools to:

Perform in-depth analysis of Internet and Intranet-based web applications
Detect common and unique web application vulnerabilities
Deliver technical reports in a "green" digital format

Stage two engages certified DDI security analysts utilizing specialized techniques and intensive tactics to further test the application. The security analysts also expose the web application to attack scenarios common to those experienced in a "real world" setting.

Insight into Securing Your Web-Based Infrastructure

As illustrated in the figure below, the security analyst concludes the web application testing process by documenting the evaluation findings and remediation steps to be utilized for discovered issues.

Figure 1. Web Application Analysis Service Diagram

The final report is delivered to the client via DDI's secure, centralized, online report repository, Frontline™.

Coverage Around the Clock and Around the World

Security Network Operations Center (SNOC)

24x7 technical support
Secure, fully redundant facility
Emergency backup power

External and Internal Web Application Test Abilities

Eliminates the need for onsite security analyst visits
Eliminates associated travel and lodging expenses

Automated and Security Analyst Driven Test Methods

Test web applications utilizing the latest tools and security analyst attack techniques

"Blackbox" or "Whitebox" Capable Test Scenarios

Test your web applications with or without user credentials

Digital Report Delivery

Avoid voluminous paper reports
Maintain a "green" work environment

Well Defined Remediation Tactics

Security analysts provide the information needed to quickly and effectively address the issues discovered during the Web Application Analysis Service.

Vendor Discussion Support

Access to skilled security analysts who can discuss discovered issues with third-party application developers at a peer-to-peer level

Enjoy the Benefits Already Realized By Other Organizations

Leverage DDI's technical expertise and world-class customer service and support
Focus on core business functions to save time, money, and effort by reducing the administrative burden and tedium of performing vulnerability scans with complicated tools or unmanaged open source solutions
Demonstrate your commitment to information security with comprehensive reporting on the security posture of your web-enabled applications
Detect possible web-based security vulnerabilities and respond quickly with actions based on your pre-defined security policies

Global Availability

DDI's Web Application Analysis Service is generally available.

Use the form below to find out how our Web Application Analysis Service can benefit your organization today!