Service

Kaspersky Application Security Assessment

Identify all the potential vulnerabilities and security flaws in your applications.

Overview

Whether your organization develops enterprise applications internally or purchases them from third parties, you’ll know that a single coding error can create a vulnerability — a vulnerability that can expose your business to attacks and result in considerable financial and reputational damage.

Read a datasheet

Kaspersky Application Security Assessment helps

Prevent financial, operational and reputational loss

by proactively detecting and fixing the vulnerabilities used in attacks against applications

Avoid business disruption and support a secure software development lifecycle

by tracking down vulnerabilities in applications still in development and testing them before they reach users

Comply with various regulations

Including government, industry and internal corporate standards, such as GDPR and PCI DSS

How it works

The Application Security Assessment is carried out by Kaspersky experts who have hands-on experience and a deep understanding of how various applications works, and can analyze its functionality and business logic. This expert analysis is combined with various automation tools, analyzers, and scripts.

Applications
- Official websites;
- News portals
Intruder type
- User without an account;
- User without any prior knowledge of the application
Assessment approach
Black box – assessment without user credentials to reveal vulnerabilities available for an external attacker without any privileges:
- - Check all the entry points and input parameters;
- - Deep fuzzing and behavioral analysis;
- - Identify application components (frameworks, plugins, libraries, etc.);
- - Identify potential data leakage and fraud scenarios;
- - Analyze management or debug tools and scripts