1. Authentication
  1. Brute Force

  2. Insufficient Authentication

  3. Weak Password Recovery Validation

2. Authorization
  1. Credential/Session Prediction

  2. Insufficient Authorization

  3. Insufficient Session Expiration

  4. Session Fixation

3. Client-side Attacks
  1. Content Spoofing

  2. Cross-site Scripting

4. Command Execution
  1. Buffer Overflow
  2. Format String Attack
  3. LDAP Injection
  4. OS Commanding
  5. SQL Injection
  6. SSI Injection
  7. XPath Injection
5. Information Disclosure
  1. Directory Indexing

  2. Information Leakage

  3. Path Traversal

  4. Predictable Resource Location

6. Logical Attacks
  1. Abuse of Functionality

  2. Denial of Service

  3. Insufficient Anti-automation

  4. Insufficient Process Validation

Secure Architecture Consulting

INFOSECPRO evaluates the design and architecture of your applications with a ‘best practice’ approach in order to provide clear recommendations on how to most effectively make security improvements. Armed with your business and technical requirements, we conduct interviews with developers, architects and Business Owners as well as review system documentation to fully understand the overall architecture of your application. Our consultants help you understand which components carry the highest risk, how to remedy specific security issues and vulnerabilities, and how changes will impact the security of your application. Together, we narrow the gap between your application’s intended design and its actual security architecture.

The goal of a Secure Architecture Consulting engagement is to identify security vulnerabilities with the following key objectives:

  • High-level security analysis of the Client Application:

    • Understand the current application architecture, and the business/technical requirements
    • Determine level of security essential meeting business goals
    • Analysis of the server application
    • Analysis of the client application
    • Analysis of the communication between the server and the client

  • Cryptographic architecture analysis:

    • Analysis of the cryptographic soundness of client and server authentication protocol
    • Analysis of cryptographic soundness of data storage on server
    • Transfer knowledge to designated Client representative

For a few pages of a report sample, please click here.

Please submit your payment of $2999.00 for a complete Secure Architecture Assessment covering your business.
Travel expenses should be paid separatelly.

Business Name:
Contact Information:
Email Address:
URL or IP address:

Other members of our business group:

COPYRIGHT (C) 2000 - 2013 InfoSecPro.com ALL RIGHTS RESERVED