security-testing presentation
TRANSCRIPT
A Complete Web Security Suite
Big 5 Data breaches in 2 years
www.security-testing.net
Ebay
Target
Sony
Anthem
Ashley
Madison
80
M
32
M
47
K
145
M
110M
20132014
20142015
2015
Why do you need web security?
The threat is real and large
www.security-testing.net
Aug 2015 Statistics
Global Statistics
www.security-testing.net
48%CYBER
ATTACKSIN
2014
$2.7MLOSS
117,339ATTACKS PER DAY
MOST ATTACKSFROM WITHIN ORGANIZATION
44%LARGE COMPANIES
64%MID SIZE COMPANIES
Targeted Industries
www.security-testing.net
What do we offer?
www.security-testing.net
SERM - Search Engine (Online)Reputation Management
Art of using traditional SEO to move positive or neutral pages higher up inGoogleMaintains a positive image for your websiteHelps identify where brand is slipping and fix itImprove tagging and overall SEO experienceImprove overall brand value
www.security-testing.net
SERM - Info Guide
Alexa Backlink Analytic
Alexa Country Rank Analytic
Alexa Global Rank Analytic
Alexa Page Load Time
Blacklist Check
Domain Complexity
Duplicate Content Check
DW3C CSS Check
AW3C HTML Check
Website Analytic Information
W3C HTML Validation Analysis
Social Media Analysis
Indexed Page Analysis Checks
Providing SERM Grade
www.security-testing.net
SERM - Dashboard
www.security-testing.net
SERM - Sample Reports
www.security-testing.net
Scanning
Secure and maintain your website and web applications against hackersAdvanced vulnerability testing techniquesIn-depth AnalysisAudit security of your web applicationsPlagiarism check, admin panel check & Email ID extractionsUser friendly & Exhaustive reporting structure
www.security-testing.net
Scanning - Info Guide
Web Application Vulnerability Scanners, scan for known securityvulnerabilities such as cross-site scripting, SQL Injection, CommandExecution, Directory Traversal and insecure server configuration.
It helps you make an informed decision about the selection of on demandVulnerability scanning to meet your requirements
www.security-testing.net
Scanning - Sample Reports
www.security-testing.net
Detection
Incorporates advantages of Penetration Testing and Vulnerabilities DetectionUtilizes extended Phish check, Extended Firewall check and Admin PanelcheckPhish Check - To check for fraudulent attempts usually made through Email tosteal personal infoFirewall Check - To Identify & Fingerprint the firewalls used in your domainAdmin Panel Check - To identify Admin panel of your domain
www.security-testing.net
Detection - Sample Reports
www.security-testing.net
Pro-actively scan websites for Malware using Cloud Scanning Technologyand get automated alerts and in-depth reports
Detection - Sample Reports
www.security-testing.net
Performance
Determines how a website delivers in terms of responsiveness and stabilityunder a particular workloadCan involve Quantitative tests, such as measuring the response time or thenumber of MIPS (Millions of Instructions per Second)Regular preventive Load Testing before technical changes maintains thestability and performance of websiteWithout testing the durability and scalability of your website or application youcan never be sure that the correlation of all active components of your service
www.security-testing.net
Performance - Info Guide
Leverage Browser Caching
Minify CSS
Minify HTML
Minify Java Script
Minimize Redirects
Avoid bad Requests
Specify a Cache Validator
Minimize DNS Lookups
Minimize Render blocking resources
Use Legible Font Sizes
Prioritize Visible Content
Optimize Images
Main Resource Server Response
Mobile Performance & more
www.security-testing.net
Performance - Dashboard
www.security-testing.net
Performance - Sample Reports
www.security-testing.net
Monitoring
Monitors internal (behind firewall), external (customer-facing), or cloud basedWeb applicationsProcess of experimenting and proving that end users can interact with websiteas anticipatedOften used by businesses to detect issues related to general internet latency,network hop issues and to pinpoint errorsLoad times, Server response times, Page element performance are oftenanalyzed and used to further optimize website performanceHelps you benchmark your website against the performance of yourcompetitors to understand where your website lacks
www.security-testing.net
Monitoring - Info Guide
FTP
SMTP
POP3
Active Sync
IMAP
DNS
SSH
Telnet
SSL
TCP
PING
UDP
Main Resource Server Response
Domain Name Expiry, SSL Certificate Expiryand more
www.security-testing.net
Monitoring - Dashboard
www.security-testing.net
Reports include charts & Graphs. When an error is detected, alerts are issued viaEMail, SMS & Phone, that may include diagnostic info, such as Network TraceRoute, Code Capture of HTML file, Screenshot and even a video of website failing
Monitoring - Sample Reports
www.security-testing.net
Inventory
Inventory refers to all movable assets in your company that are part of thenetworkAsset Management, Inventory Forecasting, Inventory Valuation, InventoryVisibility, Future Inventory Forecasting, Physical Inventory, Available physicalspace for inventory, Quality Management, Replenishment, Returns and defectsand Demand Forecasting are some of the key policies of many companies.Management of inventories, with primary objective of determining/controllingsystem levels within the physical distribution system, might turn out to becritical for the functions to balance the need for website availability.
www.security-testing.net
Inventory - Info Guide
No of systems in N/W
No of systems in running services
No of systems in stopped services
Most used OS in N/W
Most used S/W in N/W
Most used Database in N/W
All device details are tabulated
Device Name & No of devices under this nameand description of the devices
All device locations are tabulated
Location name & No of devices in thatparticular location
Description of location specific devices
All OS in network are tabulated
OS name of the device, no of devices usingsame OS and it's description
www.security-testing.net
Inventory - Dashboard
www.security-testing.net
Inventory - Sample Reports
www.security-testing.net
Pricing - Security-Testing
www.security-testing.net
$649
STANDARD
$1999
PROFESSIONAL
$2999
ENTERPRISE
15 Scanning Modules10 SERM ModulesTrust mark Seal
25 Scanning Modules25 SERM Modules15 Detection Modules15 Performance ModulesTrust mark Seal
50 Scanning Modules50 SERM Modules20 Detection Modules20 Performance Modules20 Monitoring Modules20 Inventory ModulesTrust mark Seal
www.security-testing.net
THANKYOU