Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

Web Tribe Ltd Sentinel

Web scanning has become part of the testing routine used for catching other bugs in the software development life cycle. And since Web security has become a part of industry requirements like the Payment Card Industry Data Security Standard (PCI DSS), scanning for vulnerabilities is no longer a luxury; it's now a compliance mandate.

PCI Compliance Made Easier

The Payment Card Industry mandates IT security compliance for all merchants that process credit cards. McAfee® PCI Compliance Service is an easy-to-use system designed for smaller merchants that need to be PCI certified. It includes state-of-the art scanning, complete remediation and technical support, an online self-assessment questionnaire, and a PCI Wizard to help manage compliance activities.

Register for Webscan now

Reasons for website and network scanning.

First, we define the scope and purpose of the scan. Is it for compliance with government regulations or industry guidelines like PCI, or is it to identify the causes of specific problems? Is it in response to an incident or attack, or something a corporation wants to do routinely as part of its software development life cycle to harden sites before they're live?

If the scan is for compliance, it can focus on just regulatory requirements. Section 6.5 of PCI, for example, requires testing for the top ten vulnerabilities listed by the Open Web Application Security Project (OWASP).

Sample vulnerability that web tribe deals with

Examples of overall website vulnerabilities population include:

  • Cross-site Scripting -70%
  • Content spoofing 7%
  • Sql injection 4%
  • Predictable Resource location 5%
  • Information Leakage 4%
  • HTTP Response Splitting 5%

Other Vulnerabilities

  • Buffer overflow
  • Format String Attack
  • Lwap injection
  • Os commanding
  • SSI injection
  • XPath injection

Register for Webscan

 
 
 
 
 

Our Security Partners


Services

  • Switching (EFT) and Online Gateways
  • Financial Middleware Applications: Web Services, ISO 8583, XML
  • STK Integration
  • Smart Card Application
  • Messaging Systems: SMS Integration
  • Networks & Application Security
  • Java Programming Consultants
  • Online content aggregation

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

Bookmark and Share