Services - Web Application Security Testing

Security is a serious concern for many people using the web to do business, and for good reason. Identity theft is the fastest growing crime in the UK today and a surprisingly high number of security glitches in web technology allow credit card fraud to blight the experience of many consumers.

Our specialty is in quality, thorough security, or penetration testing. Many websites are built, even e-commerce sites, which could allow hackers to access your clients' information, or to tamper with the content of your site and the merchandise you sell. At Freedom we carry out comprehensive testing and create a report of faults that need fixing. How you progress is up to you - we can manage the fixes, we can inform developers of how to do it in-house, or we can train you to carry out the work.

The Risks Your Business Faces

Of course many businesses will not experience any serious attacks from hackers, whether they are well protected or not. However, businesses both large and small can pay a high price for a lack of security that could allow hackers to cause real damage:

  • amending with your online catalogue, pushing prices up and losing your customers, or pushing prices down and losing you income
  • accessing your customers' personal details such as their orders and delivery address, possibly even their credit card details, in which case you're bound by the law to let all your customers know that you've been hacked so that they can inform their credit card companies
  • getting into a poorly configured e-mail script that allows hackers to send out e-mails that appear to have come from you, maybe suggesting you're closing down, or causing offence
  • hacking into a badly built forum system and adding offensive or damaging messages
  • hacking beyond the website and into the server beneath, gaining control of your server and everything on it.

How We Do It

It's always best to build security testing into the creation of your site, as fixing problems retrospectively can cost more than making security part of your build. However, we'll happily undertake testing and security development work whether your website is in the planning stages, or already up and running.

We'll work quickly to resolve matters knowing that every moment your system is down it's losing you revenue, costing you long term customer relationships and sales.

We use both automated scripts and bespoke attacks looking for vulnerabilities such as SQL Injection, Cross Site Scripting and Remote Code Execution. When we've finished testing we'll create a report highlighting any issues. We'll ensure that our findings are communicated clearly, so that there's complete clarity about the risks you face, whether you're proficient in e-talk or not.