All geek questions in one place

Is there a good service for checking website / server vulnerabilities

I was asked to provide information on available methods for evaluating our current and any future websites for security issues. request is in the form

Do you know of any good free that checks for security holes?

I think that our data security is probably worth a small amount of upfront costs, so any unreasonable methods will also be appreciated.

Our systems are the mish mash of the systems mySQL, Oracle, SQLServer, PHP, ASP.NET, etc., although I think this does not really matter. All systems are protected as well as fixed, and firewalls are configured so that people cannot directly get into database mailboxes, etc.

These are XSS and similar attacks that we want to prevent.

What do you use to give you confidence in your systems? '), DROP TABLE answer:

+3
source share
4 answers

owasp would be a good place to start. There is too much to include here.

+1
source

If the security of your website is worth nothing to your company, then what should you pay. For my company, the security of our data and the brand image is of rather high value.

We pay a ton of money for regular checks, we prepared the developers for major hacks / application security, our code reviews include a security review, and now we look at IBM's AppScan (which is expensive, but ultimately, probably cheaper than all tests that we pay for the pen).

, . , , .

+1

. , -, , .

, , , , - , ( - ). , . , , , .

IBM AppScan, . , , . , , - , , .

. , , . , , , .

, , - . . - . , , , .

, , "" , , .

+1

dotDefender - IIS/Apache/ISA. SQL Injection/XSS/DDOS//. , , .NET, PHP ASP, , - 5+ .

http://www.applicure.com/?page=dotDefender

I also have a penetration / social engineering testing company every year or so, but with dotDefender I am at least happy that I have a basic safety blanket to protect my sites.

Of particular interest to me was that their application is fully compatible with x64 - a must, since I use x64 web servers.

+1
source

Source: https://habr.com/ru/post/1698972/

More articles:


All Articles