Packer Thomas Certified Public Accountants & Business Consultants • Services: Information Technology Services Accounting Software

old computer

IT Links

Accounting Software

Sage Accpac

QuickBooks® Enterprise Edition

Customer Relationship Managmement Software

Sage CRM

SAS 70 Audits

SAS 70 Audits

Info Security Consulting

Risk Audit & Risk Assessment

Compliance Audits

Web Assessments

Web & Web Application Security

Security Solutions

Computer & Network Forensics

Downtime Cost Calculator

General

IT Experts

IT Newsletter

Services: Information Technology Services

Website Security

Website Security, Website Audit, & Web Application Security Assessment
For many organizations, Web applications are the most vulnerable element of an organization’s IT infrastructure. As your organization uses the Internet for customer, supplier, employee, and vendor interactions, Web technologies and database interfaces become more complex and require additional security.

Website Vulnerabilities
Packer Thomas protects you from hackers that compromise your websites and interfaces to internal networks and database systems. We use a combination of manual and automated tools to identify vulnerabilities and protect you from hacker attacks. We identify:

Buffer overflow – integer overflow and other programming issues
SQL injection vulnerabilities – application layer attacks
Cross site scripting – malicious code embedded into a dynamic page
Broken links – attacks exploiting links to broken pages
Google hacking – site scanning, cgi scanner
JavaScript attacks – error checking, calculation areas on pages, and user interaction
Authentication – attacks that circumvent or exploit the authentication process
Authorization – attacks that exploit user, service, or application permissions
Client side attacks – user exploits
Information disclosure – version and patch numbers, host information
Logical attacks – procedural flow vulnerabilities and logic issues
Web server attacks – web server operating system and version errors

We protect you from over 35,000 types of website threats.

Traditional Protection
Since web sites need to be accessible by the public, security mechanisms must allow web traffic to communicate with database servers through web applications. As a result, firewalls and similar intrusion detection mechanisms provide little defense against knowledgeable hackers and full-scale web attacks.

Assessment Work Plan
Packer Thomas’s website security audit is customized to your specific needs. Our assessments help your organization manage its risks, prioritize assets, resources, and identify issues before they result in down time.

By following the links on a web site, and other files such as robots.txt, we inventory the available web site pages. Our software maps out the web site structure and displayed detailed information about each page.

We then emulate a hacker attack by using automated tools to launch a series of vulnerability attacks on each web site page. Our tools analyze each page in an effort to identify weaknesses.

Packer Thomas’s assessment tools scan for buffer overflow, SQL injection, cross site scripting, Google hacking, authentication risks, JavaScript, Common Gateway Interface (CGI), PHP, broken links, authentication hacking, and many other types of web related vulnerabilities.

» top

Please contact Jeff Sheets for more information: jsheets@packerthomas.com