Web Application Security

CCLab proposes a step-by-step approach to its clients. The target security level can be reached incrementally: first solving the most pressing problems, then gradually strengthening the security of the IT system. During security evaluations we follow a methodology based on our Common Criteria evaluation experience.

To be effective, application security needs to cover the entire product development lifecycle, from design to implementation and testing, including training:

  • Security by design
    BCM consulting, BCP and DRP creation, UAT (User Acceptance Test) and security testing design and management, site security screening
  • Secure coding training
    Java, JavaScript, C, C++, C#, Python
  • Vulnerability assessment
    Using Flaw Hypothesis Methodology to analyse the operation and reveal possible vulnerabilities.
  • Penetration testing
    Our methodology is broader than ethical hacking, as it has grown out of our systematic evaluation methodology, which focuses on practical implementation (conceptual black box testing, gray box testing and white box testing).
  • Hardening
    Examples of errors that can be corrected during hardening: lack of input validation (SQLi, XSS, RFI, LFI); bypassing of entitlement levels; weakly or poorly implemented cryptographic algorithms; memory management problems (buffer overflow); session management issues (session fixation, replay attack); vulnerabilities due to incorrect configuration.
  • Security audit
    This is a full site inspection that involves recognizing human behavioural patterns; examining areas in accordance with regulations; observing and enforcing security measures; and covering deception, distraction, human behavioural change and social engineering techniques by applying information security awareness controls.

For mobile applications, CCLab proposes following the OWASP Mobile Application Security Verification Standard (MASVS). The evaluation process is based on the MASVS-L1 Standard Security level and is additionally extended to the MASVS-L2 Defense-in-Depth level.

Contact us

  • +36 20 248 7670 info@cclab.hu
  • Budapest

    H-1137 Budapest,
    Katona József utca 17.

  • Debrecen

    H-4025 Debrecen,
    Piac utca 45-47.

  • Budapest

    H-1134 Budapest, DC Offices,
    Váci út 49. VI. em.

CCLab Ltd. © 2020 - All rights reserved