Source code vulnerability diagnosis
Product necessity
This is a service that inspects and analyzes websites to identify and improve security vulnerabilities.
- Perform diagnosis according to customer requests, from one-time diagnosis to monthly, quarterly, etc., using automated tools.
- Supports web vulnerability standard evaluation reports for various security reports such as WASC standards, OWASP, SANS, PCI DSS, ISO 27001, 27002, etc. Performs remote diagnosis or home security diagnosis
procedure
1
Service preparation through prior meeting
- Check inspection target
- Check maintenance schedule
- Check how pre-inspection is performed
- Exception requests from various security solutions such as web firewalls and IPS
2
Perform inspection
- Perform inspection using web vulnerability inspection solution HCL AppScan Standard
3
Check the results by fortune telling
- Vulnerability Analysis
4
Calculate inspection result report
- Producing a report on the results of the vulnerability analysis presented by the inspection tool
5
Re-diagnosis (when diagnosed at the same site more than twice)
- Present improvement measures
- Propose measures to eliminate vulnerabilities found in diagnostic tools
- Present a plan to eliminate vulnerabilities discovered through manual inspection
Expected effect
Hacking using web vulnerabilities
Prevent important data leakage
(Company information and customer information)
Easier by providing Korean reports
Possible to identify vulnerabilities and take complementary measures
with accurate crawling
High detection rate and low false positive rate
Electronic information service standards
Reflection of web vulnerability inspection items