Web Security Testing

Web security is becoming a vital requirement for any online business. Hackers can destroy your site, steal confidential data or commit fraud. 4PM has the skills to analyse your Web presence for security flaws and propose remedies to keep your business and customers safe.

Penetration Testing

We can arrange a comprehensive on-site vulnerability test of your Internet-connected network, checking for security vulnerabilities and configuration errors caused by system and network maintenance. We will check all external public facing IP addresses and internal, private IP addresses will be included in the internal scans.

This on-site test will include:

  • Controlled external & internal penetration testing directed at perimeter security, including Internet firewalls, routers, switches, Web servers, application servers, database servers, e-mail servers and gateways and your security management systems;
  • Network entry point search;
  • Port scanning and mapping external interfaces;
  • Vulnerability scans to proactively test your Internet Infrastructure for known weaknesses, which could potentially be exploited maliciously.

On completion of the penetration testing, we will provide a comprehensive written report detailing the results of these tests, and make recommendations for improvements (where applicable) to the security of your Internet-connected network.

It is envisaged that this Penetration Analysis will be carried out every quarter.

Analysis of Security Measures

We can also arrange for a comprehensive on-site analysis of security measures implemented at your Internet-connected network and infrastructure, carrying out security diagnostic reviews of key network devices on that infrastructure. It is envisaged that this review will take place in the first month after awarding of the contract and at six monthly intervals thereafter.

This analysis will cover:

  • Auditing of password resources;
  • Brute force tests;
  • Firewall log trending analysis;
  • Firewall rulebase and policy analysis;
  • Effectiveness of IDS and IPS monitoring;
  • Configuration errors;
  • Loopholes in server code and scripts;
  • Data that could have been exposed due to past errors;
  • Testing for known vulnerabilities.

On completion of this security analysis, 4PM will provide a final written report analysing any security or service problems discovered, together with proposed solutions, advice on fixes and recommendations for improving the security of the service under test. Recommendations on future security plans will also be provided in this report.

Application Security Testing

4PM can also carry out security reviews of certain applications, as you require.

For more details of 4PM’s Web Security Services, please call (01) 497 7705 or email info@4pm.ie