Web applications such as ecommerce, social media and voting sites typically allow users to enter and retrieve data online. This data is often personal or confidential and must be protected, with access typically restricted by user ID and password.
But weak security controls can result in hackers gaining accessing to this data, resulting in personal, payment and commercially sensitive data being exposed and web site owners losing reputation and facing significant fines.
Intertek provides penetration testing or ‘ethical hacking’ of web applications to find the holes before the bad guys do.
The service is safe, structured and thorough. Tests are typically performed remotely across the Internet, and clients are provided with a prioritised list of security weaknesses alongside cost effective actions to improve security.
The service is performed by Intertek’s qualified and experienced team of security consultants – human testers and manual techniques emulating real life hacks. Both traditional website and mobile applications are covered by this service.
For web sites and networks that accept or store card payment data, vendors must comply with the Payment Card Industry Data Security Standard (PCI DSS), as mandated by the major credit card brands including Visa, Mastercard and American Express. Intertek are approved by PCI DSS to deliver security assessments in line with PCI standards.