Need a web application security pentest/assessment?
Maven security has the knowledge and experience necessary to help you meet your risk mitigation and compliance goals.
We have been doing web security assessments since 1996, and wrote the first web security testing and training tools (Achilles and WebMaven/WebGoat v1 respectively).
Our experience helps us find more flaws, accurately determine real business impact and risk, and clearly communicate those findings to you in an easily understandable format.
Because of these advantages, we have been trusted to do many audits for banks, insurance companies, and the highly competitive and secretive aerospace industry, as well as smaller clients and hosted services.
Every member of our expert testing team has given talks and training at many of the biggest security conferences around the world (see the News & Events page), so you know you’re getting industry leading knowledge.
What do we test for?
At Maven we use a blend of automated and manual testing to make sure that you get good value and maximum coverage of the threat profile. Every engagement is different, but some of the usual suspects are:
- Business logic flaws (for which no security scanner can find)
- Poor authentication controls
- Improper authorization checks
- SQL injection
- Cross site scripting
- Cross site request forgery of important functions
- Information leakage
- And many more
For full details of how our testing methodology would help secure your specific application, please contact us, helpful hints to get things started smoothly can be found on our Request For Proposal page.
We look forward to helping you secure your Internet or intranet applications.