Web application vulnerabilities contribute significantly to the number of security incidents recorded each year thanks to the ease of exploitation and prevalence of automated hacking tools. Web application related security incidents have resulted in the theft of millions of credit cards, major financial and reputational damage for hundreds of enterprises, and even the compromise of thousands of computers that visited web sites hijacked by attackers.

ECQ provides Web Application Penetration Test service for organizations who wish to perform a thorough assessment of their web application and its architecture. ECQ's Consultants uses its in house RAPID Penetration Test framework, OWASP Top 10, and OWASP Web Security Testing Guide to carry out all the activities required for this assessment.

Web Application Penetration Test service provided by ECQ covers the following 12 categories.

Information Gathering
Configuration & Deployment Management
Identity Management
Authentication
Authorization
Session Management
Input Validation
Error Handling
Cryptography
Business Logic
Client-Side
API