Digital Security Consultants
Proudly Serving Clients throughout the UK
AppCheck takes a principals first approach to application vulnerability
detection, and isn't bound to any platform or signature database.
AppCheck combines open source intelligence gathering and a sophisticated browser based crawler engine to identify application components that could be vulnerable to attack.
Of course, AppCheck isn't just about applications. It also takes care of your infrastructure and will report back on items such as missing security patches, configuration weaknesses and information disclosure vulnerabilities.
AppCheck approaches each test in the same way that a hacker or penetration tester would and applies a testing methodology. The vast majority of application security flaws, such as SQL Injection and Cross-Site Scripting arise from insecure processing of input supplied by the client. AppCheck examines the original expected value and the servers response when the value is modified. By adopting this methodology, AppCheck is able to determine how data may be being processed by the server and can then dynamically evolve each test to identify vulnerabilities. This approach results in more accurate testing and allows AppCheck to identify security flaws that may be masked by security filters and Intrusion Prevention Systems (IPS), but could still be exploited by a real-world attacker.