Keep your business secure with regular penetration testing

Penetration Testing

Penetration testing helps to protect websites and web applications against attacks from hackers and cyber criminals. By analyzing the website, the scan software identifies possible security holes and vulnerabilities, then creates a detailed report which developers can use to repair any problems.

What is Penetration Testing?

Penetration testing helps to protect websites and web applications against attacks from hackers and cyber criminals. By analysing the website, we identify possible security holes and vulnerabilities, then create a detailed report which developers can use to repair any problems.

Features and Benefits

  • Fraud protection
  • Easy to read comprehensive report
  • Available in one off, monthly or yearly reviews
  • Alerts you of weaknesses before hackers find them
  • The system scans, reviews and reports on any website or web application
  • Works with websites hosted with Hyve pr externally to Hyve
  • Prevents website attacks and blocks attempts to hack into their internal systems
  • Scans websites for over 15,000 vulnerabilities and provides a report detailing exactly what the problems are
  • Identifies security vulnerabilities so developers can take action
  • Protects confidential information in databases and files in the website normally exposes via web pages
  • Checks security of secured pages normally protected by passwords
  • Security Review Scans
  • Main vulnerabilities

Hyve pen testing scans for over 15,000 vulnerabilities, with some of the most common being:

Cross Site Scripting (XSS)

XSS flaws occur whenever an application takes user supplied data and sends it to a web browser without first validating or encoding that content. XSS allows attackers to execute script in the victim’s browser which can hijack user sessions, deface web sites etc

Injection Flaws/SQL Injection

Injection flaws, particularly SQL injection, are common in web applications. Injection occurs when user-supplied data is sent to an interpreter as part of a command or query. The attacker’s hostile data tricks the interpreter into executing unintended commands or changing data.

Malicious File Execution

Code vulnerable to remote file inclusion (RFI) allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise. Malicious file execution attacks affect PHP, XML and any framework which accepts filenames or files from users.

Security Review Scans

Information Leakage and Improper Error Handling
Applications can unintentionally leak information about their configuration, internal workings, or violate privacy through a variety of application problems. Attackers use this weakness to steal sensitive data, or conduct more serious attacks.

Insecure Cryptographic Storage

Web applications rarely use cryptographic functions properly to protect data and credentials. Attackers use weakly protected data to conduct identity theft and other crimes, such as credit card fraud.

Insecure Communications

Applications frequently fail to encrypt network traffic when it is necessary to protect sensitive communications.

Failure to Restrict URL Access

Frequently, an application only protects sensitive functionality by preventing the display of links or URLs to unauthorised users. Attackers can use this weakness to access and perform unauthorised operations by accessing those URLs directly.

Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.