Portal information security audit
We conduct portal information security audits on Bitrix24 and 1С-Bitrix: Site Management. We identify threats and develop recommendations to eliminate them.
We check any box-based solution you have deployed on the Bitrix platform on your own or with the help of external integrators, as well as any additional modules and applications installed by your system administrator (for example, solutions downloaded from Marketplace that have received uncontrolled access to the entire system).
We help minimizing risks:
-
Personal data leaks
-
Unauthorized access to trade secrets
-
Payment system hacking
-
Crash of site due to DOS and DDOS attacks
We check portal security:
-
At application level
-
At server software level
We search for all types of vulnerabilities:
Cross Site Scripting
SQL-injection
PHP-injection
HTTP Response Splitting
HTML code injection
File Inclusion
Directory traversal
We work on any model you choose:
-
Black Box
We do not know how the system is built
-
White Box
You provide us with all the details of the implementation of the system under test
-
Grey Box
We know some features of the system implementation
Types of penetration testing (pen test)
-
External
Assessing whether the network protection perimeter could be crossed and unauthorized access to critical resources could be gained.
-
Internal
Assessing the protection against attacks from an insider with physical access to the system and the ability to connect to the local area network.
Cooperation options:
-
Under a one-time contract
-
As part of technical support