Web Application Security Testing & Assessment Service

Added Protection Without Compromising the Way You Do Business

CSC's Managed Web Application Security Assessment (MWASA) service provides enterprises with scheduled or ad hoc security testing of their Web applications.

Web-based applications and Web 2.0 provide the enterprise with a method for streamlining business and increasing collaboration and connectivity, but they also increase vulnerabilities and present an easy target for security risks and threats such as SQL injection, cross-site scripting and Web site misconfigurations. In fact, according to recent industry reports, 75 percent of all information security attacks are directed to the web application layer and nearly 2/3 of all applications have vulnerabilities. Web vulnerabilities like these provide a serious challenge and have resulted in financial loss, theft of intellectual property and damage to brand integrity for organizations across industries. These threats can also compromise Web sites and browsers, putting the interests of valued business partners and customers at risk.

CSC's Managed Web Application Security Assessment (MWASA) service provides enterprises with scheduled or ad hoc security assessments of their Web applications. This is increasingly important as Web applications become more dynamic and constant security updates can introduce new vulnerabilities, putting an organization’s confidential information at risk. Through the use of a web application security scanner, our service provides comprehensive Web application security assessment reports to ensure that Web application support personnel are always equipped with the latest vendor updates and patches to help protect their Web applications.

Features

MWASA is a managed service conducted from one of CSC’s globally integrated and fully secured data centers. The service includes:

An initial scan, where a baseline is determined, against which periodic scans are run and compared
Continuous scanning, where scans are initiated and adapted to learn and incorporate (either manually or automatically) user inputs and values needed to perform meaningful web application security testing
Comprehensive report generation, which can include:
- A security report, detailing the vulnerability found during that scan
- An industry standard review, including a compliance report mapped against industry standards (e.g., PCI, OWASP, Top 10, SANS, WASC)
- Regulatory compliance details, including a compliance report mapped against regulations or legal standards (e.g. HIPAA, GLBA, SOX)
- Delta analysis, detailing the changes between the baseline and the current scan

Benefits of Web Application Security Testing

Identification of Web application security issues before they are exploited
Lowered total cost of operations through automated assessment process
Authenticated crawling and auditing through our web application security scanner
Scalability to incorporate any number of Web applications, internal or external, in production or development environments

Download the MWASA Brochure (PDF)