A client in the software industry wanted to test the security of the web application and user portal that they make available to clients via the web.
Baker Tilly utilized our web application security testing methodology, based on the OWASP Top 10 web application vulnerabilities, to attempt to gain unauthorized access to the client's internal systems, data or application code. Throughout our testing, the team utilized a variety of automated scanning solutions, as well as manual penetration testing attempts to identify weaknesses within the application and web portal. Our attempts were unsuccessful, only identifying minor configuration recommendations.
The client was appreciative of our efforts and complimented the team on the exhaustive testing that was performed. They felt more confident in the security of their web application and implemented our configuration recommendations immediately, which our team validated based on the client's request.