Our Services / Website Security Testing
Do you know if your website and applications are secure? Once on the Internet, any vulnerabilities are exposed to the entire world.
The Xibis team are experts in web security. We offer a full web security audit to ensure your systems and data aren't vulnerable to infiltration. For those businesses who have broken away from the agency that originally built their site, we can enhance the security test by fixing any problems we find as we go along.
As well as running automated tests, Xibis will manually check and test your web application scripts to ensure that vulnerabilities are quickly spotted. We will then provide a full report and fix any problems to ensure your data remains yours alone.
Xibis' security expertise informs the bespoke development side of our business, including:
- Our developers undergo significant training, including tuition in how an adversary may break into unsecured applications
- High-risk vulnerabilities (e.g. SQL Injection) are minimised using automated code generation techniques
- Our Quality Assurance team tests every system for security vulnerabilities before sites are launched
- We regularly have our systems security-checked by other specialists, verifying that there is nothing we have missed
- We regularly review our processes and base code, to eliminate even extremely low-risk vulnerabilities
Some real examples of security problems we have uncovered:
- Admin areas where we could bypass the login form within a few seconds
- Systems that allowed our testers to extract live administration passwords or credit card details simply by using a bug on the product list page
- File uploaders that allowed us to take complete control of the clients website and (potentially) access all customer data
- A website search form that would have allowed us to hijack the administrator's cookies and access the administration area.
- In one website we found over 20 ways of breaking into the administration area.
Please get in touch to find out more
Our Services, Discover More...
- Bespoke Web Development
- Content Management Systems
- E-Commerce
- E-Recruitment
- Event Management Systems
- Extranets & Intranets
- iPhone and Android App Development
- Mobile Commerce
- Multi-lingual Websites
- Online Directories
- Online Surveys
- Remote monitoring and device management
- Web Security Workshops
- Website Security Testing
- FAQs
- Web Security Find & Fix
Our Website Security Testing Portfolio...
- Ford and Slater Security Test
- SEAT Security Auditing