Web Applications and REST APIs

CODE Security uses a web application / REST API penetration test to uncover vulnerabilities that might be exploited by a remote attacker (authenticated and unauthenticated).

The current OWASP Top 10 Web application security risks as well as the OWASP API Top 10 security risks form the backbone of the web application and REST API interface security assessment services we provide for our clients.

  1. Injection
  2. Authentication errors
  3. Loss of confidentiality of sensitive data
  4. XML external entities (XXE)
  5. Access control errors
  6. Security-related misconfiguration
  7. Cross-site scripting (XSS)
  8. Insecure deserialization
  9. Use of components with known vulnerabilities
  10. Inadequate logging and monitoring

To further increase effectiveness, CODE Security recommends a combination of classic web application testing with a source code review of the web application and analysis of how your sites use REST APIs.

Contact CODE

You have questions about CODE or are interested in working with us? Send us a message and we will get back to you as soon as possible!

Note: You are not currently logged in. If you log in, we can fill in some information and save you a lot of typing.