Redpoint conducts dynamic web application reviews in consultation with your dev and security teams to understand and meet the needs of your security program. This review includes everything from a comprehensive web application pentest to testing of new features, integrations, or specific security functions your team is worried could be increasing your threat surface. In any case, we’ll scope our work proposal to your exact needs.
Our process: scoping –> information gathering –> vulnerability identification –> reporting and other deliverables
After working to understand your team’s concerns, those potential threats inform our tester’s process in conducting reconnaisance. The Application Security Assessment is not a mere tool-assisted dynamic scan nor even is it just a routine checklist our tester uses for manual checks. Our testing process means we circle back through emerging threat vectors as we circle back with the information we learn about your application.
Initial information gathering done by our testers into your application and the underlying technologies that support it build out a bespoke checklist that ensures we
- 1. Find the vulnerabilities that exist,
- 2. Show you how you can reproduce them and confirm their existence,
- 3. Recommend remediations that can effectively squash the bugs,
- 4. And re-test after fixes are in place to validate security improvements.
There is also a bonus exclusive to the Redpoint ASA. In addition to a technical report deliverable and executive summaries designed for you to share with your clients, partners, and potential customers, Redpoint offers security unit tests written for integration with your CICD process. That way you can ensure there isn’t regression in the security improvements you’ve worked so hard to implement.
In the end, the Application Security Assessment represents a lot something other than a perfunctory compliance check. It provides peace of mind because it honestly evaluates your application’s security and its fixes will show your team how to fix and problems that exist.
Fill out the contact form below if you’d like to find out more about Application Security Assessments and whether Redpoint has a solution that works for you.