WEB APPLICATION TESTING

Testing the security of web applications is crucial. Huge amounts of business critical data can be stored on web apps, therefore they are top target for attackers. We have extensive experience in testing off the shelf and bespoke applications

Security testing should be carried out throughout the Software Development Lifecycle to ensure the application is as robust as possible.

Our Consultants will test the application against the OWASP Top Ten vulnerabilities, which includes SQL Injection, Cross-site Scripting, and Unrestricted Access to certain files or directories. If we discover certain known vulnerabilities in a commercial application, the consultant will attempt to exploit the vulnerability, unless the vulnerability is known to cause Denial of Service issues. Once the application has been tested against the OWASP Top 10, we will check for lesser known vulnerabilities which may still affect the application. In addition, we will test for logic and other errors that the OWASP Top 10 would not identify.

Staddon Web App testing

WEB APPLICATION TESTING

Typically, we will test with different levels of credentials; ideally with access to two accounts or more at each level (e.g. unathenticated user, authenticated user and admin user).

Unauthenticated User icon

Unauthenticated User

Our consultant will attempt to authenticate without credentials, or gain access to functionality that should only be available to authenticated users

Authenticated User icon

Authenticated User

With an authenticated account our consultant will try to access or modify the details of other users or gain access to other users data that they should not be able to

Admin User icon

Admin User

As an admin user our consultant will perform application functionality mapping activities and user privilege escalation attacks

CLIENT TESTIMONIALS - VIEW ALL

"Staddon consulting have been GoCompare’s trusted partner for over six years. Their friendly and approachable manner has made it easy for us to develop a very good relationship with them. I know we can trust them to do an excellent job and they are extremely flexible. Donna goes above and beyond to make sure everything runs smoothly and that's one of the reasons we have stayed with them. I would highly recommend Donna and her team to anyone who needs help with their Cyber Security"
GoCompare logo
David Trouse
Data Protection Officer - GoCompare
"Donna at Staddon Consulting has been brilliant in our exercise of achieving PCI Level 1 compliance for our eCommerce platform, bluCommerce. We knew from the beginning that this would be a complex and challenging project both technically and operationally, and she expertly helped co-ordinate the key steps in gaining full PCI accreditation. The project as a result flowed extremely smoothly and we achieved our goal ahead of schedule!"
blubolt Logo
Chris Mattingly
co-founder & Director - blubolt
"I have been working with Staddon Consulting for the last 7 years, mostly on security solutions suitable for use in our medium sized business with around 150 staff. As a Housing Association and a registered charity we need to ensure we have effective solutions but also obtain very good value for money. Staddon Consulting have always been able to suggest a number of solutions, arrange demonstrations and help us to select solutions that meet our requirements as well as providing help and advice relating to the ongoing use of the solutions. I would happily recommend Staddon Consulting to anyone who needs help with their Cyber Security"
Two Rivers logo
James Osborne
Head of IT - Two Rivers Housing
"Hertsmere were looking for a way to tackle staff awareness about Phishing scams and approached Staddon Consulting, who we had previously worked with on our IT Health check over a number of years. They suggested a simulated phishing attack followed by a presentation to staff on security through the eyes of a hacker which was punchy, engaging and very well received. They are extremely approachable and always come up with the right solution to meet our needs. I would highly recommend Staddon Consulting without hesitation"
Hertsmere Logo
David Casling
Infrastructure and Technical Security Team Leader - Hertsmere Borough Council
"We have worked with Staddon Consulting for several years, where they have supported us with various security assessments. My team and I have always found them to be extremely flexible in their approach, easy to engage with and are viewed as a trusted and reliable security partner.
They have been able to offer several services from various accredited suppliers, enabling us to rotate suppliers in line with best practice, whilst maintaining a relationship with one Account Manager. We look forward to continuing to work with them in the future."
Aster Group Logo
Richard Strange
Director of Transformation-IT - Aster Group
"Staddon Consulting were brilliant from start to finish. We worked with them on a detailed security assessment of a business critical application and cannot fault the professionalism and service. The reports were extremely detailed and thorough, and the support and advice we received throughout the process was excellent. I would have no hesitation recommending Staddon Consulting"
The Independent Pharmacy Logo
Scott McDougall
Director - The Independent Pharmacy
"Staddon consulting help us source accredited PEN testing partners for our enterprise clients, their knowledge of the security industry helps us provide our clients with the testing solutions to fit their requirements. We look forward to using Staddon Consulting in the future as our preferred security partner"
Element Studio Logo
Phillip Davies
Director - Element Studio Ltd
"IMServ have used Staddon Consulting for over 4 years as a trusted supplier of various IT security services. We find them to be prompt, trustworthy, flexible and personable – but most importantly they take the time to understand our needs as a customer.
Having a single point of contact who uses this understanding to leverage the most appropriate products and services to support our business is a key differentiator for us."
IMServ Europe Logo
Morgan Rogers
IT Director - IMServ Europe
"4 Digital produce complex websites and online systems/portals that require extensive security tests. Staddon Consulting have been our go-to company for many years….we depend on Donna for the right advice and solutions and she always delivers! She’s our first port of call and I’d recommend you do the same."
4 Digital Ltd Logo
Andy Stanton
Managing Director - 4 Digital Ltd
"As a B2B cloud solution, Jazoodle understands that you cannot compromise the security of its systems. Staddon Consulting were recommended as we needed a full security audit prior to the launch of our solution. I have been very impressed both by the standard of work undertaken by Donna and her team, as well as their professionalism and sheer depth of knowledge. Their report and recommendations were very thorough and gave us the insight and knowledge that we acted upon to ensure our clients’ peace of mind. We will be using Staddon consulting as a matter of course for all future changes and periodic audits"
Jazoodle Logo
Andrew Paton-Smith
Chief Executive Officer - Jazoodle

For a detailed methodology or more information on Web Application Testing

Contact us

About us

Penetration Testing

Consulting & Compliance

Solutions & Services