Reliable security assessments for a secure web application

We are IT security experts who help you secure your web applications and IT-networks.

We use proven hacking methods and techniques, used by real hackers.

Get personal advice in determining the appropriate security assessment.

Manual and automated security tests combined.

Features

Secure your company and customer data. Keep up your reputation. Prevent leakage of privacy sensitive or valuable data.

 

All Vulnerabilities

Manual and automatic checks on all types of vulnerabilities such as SQL-injections, Cross-site scripting, weak passwords, hidden files and much more.

 

Single or Periodic Tests

Decide whether you prefer a one-time pentest, re-test or periodic security checks on your web application. We are happy to think along with you for a suitable solution.

 

Proven Track Record

Having supported 100+ different organizations (large, small, private, public), we have established a succesfull track record.

 

Report Options

Availability of multiple report formats, including comprehensive developer reports, concise management reports and reports based on the OWASP Top 10 or NCSC guidelines.

 

Personal Support

Receive personal support during the entire security process, from intake to discussing test results, fixing vulnerabilities and re-testing.

 

Manual Code Analysis

Certified (CISA, CISSP, OSCP, CEH) and experienced web security and web development experts can analyse the source code without extra costs, if the data is available.

 

Support for all Technologies

Support for all types of web techniques, such as PHP, .NET and Java. We also have broad experience with portals and commonly used CMS types, including WordPress, Drupal, Magento, Joomla and TYPO3.

 

Customized Pentests

Based on the goal, client requirements and information available beforehand, we conduct customized black-box, grey-box, white-box, crystal-box and time/budget-box pentests.

 

Trustmark Logo

Show you highly value data security and boost consumer trust. Place the Web Security Scan trustmark logo on your website when no severe vulnerabilities have been found.

Test your Web Application Security

Test your web application for security threats and vulnerabilities. Plan a simple security scan or request an in-depth penetration test.

Check our Prices

Why perform a security test?

More than 1,9 billion data records compromised in first half of 2017

Findings in the Breach Level Index by Gemalto indicate that more than 1,9 billion records have been comprised in the first half of 2017, exposing the records of millions of individuals. Many of these records include personal information, such as client data.

Organizations are failing to deploy adequate cyber security tools and processes that are needed to prevent these types of attacks from occurring. By performing a pentest organizations obtain insight in their IT-security and can take appropriate measures to prevent cyberattacks and compromisation of sensitive data.

Type of web application attacks in 2017

The top attack types used against web applications in 2017 were SQL-injection (44%), local file-inclusion (39%), and cross-site scripting (10%).

These attacks continue to dominate, as they work more often than not against unprotected websites. Conversely, if your website protections are not actively blocking this sort of traffic, there is a greater risk that these sorts of attacks potentially impact your organization.

76% of scanned web applications were found to have vulnerabilities

Research by Symantec shows that a stunning 76% of all web applications scanned contain vulnerabilities. Cross-Site Scripting and Information Leakage prove to be most frequent vulnerabilities in the applications.

Recommended by the Dutch National Cyber Security Centre

The National Cyber Security Centre (NCSC) of the Dutch government state in the  ICT-Security Guidelines for Web Applications (version 2015, guideline C.05) that an periodic black-box scan should be performed as technical audit function, with the full functionality of the web application being scanned.

“A blackbox scan emulates a hacker's approach the best, since the scanner has no knowledge beforehand about the web application that will be tested for vulnerabilities. Tools to perform black-box scans are known as Web Application Scanners (WAS). A WAS performs a large number of tests on a web application, e.g. tests or several variants of SQL-injection and XSS.”
NCSC Logo
 

 

Knowledge and Experience from Web Development

Web Security Scan is part of DongIT. We conduct security assessments/penetration tests and we develop secure web applications. Knowledge and experience from web development is used for pentesting and vice versa. This gives the Web Security Scan's quality of service just that bit of extra.

Manual and Automated Tests Combined

 

We manually interact with your web application to analyse its behavior. In contrast to many security services we don't simply run our security software. We use the combination of manual and automated tests for the most accurate and thorough results.

Proven Hacking Methods and Techniques

 

We are IT security experts that help you secure your web applications. We use proven hacking methods, techniques and software, used by real hackers.