Manual Security Testing:
2nd Sight Lab performs manual security testing as part of our penetration testing service. Manual security testing involves a walk through of the website to find as many pages and endpoints as possible including some the automated tools may have missed.
We also manually spot check and test various components and perform tests that a scanner alone cannot test without human interaction. In some cases, additional manual testing is performed in conjunction with reverse engineering that reveals more information about the target.
Some types of logic errors are not discovered by scanners because they require some understanding about the functionality of the application. Certain steps may need to be performed in a particular order to access a particular code flow. Or, on the other hand, steps taken out of order may produce a vulnerability.
Some types of access errors and insecure direct object reference (IDOR) vulnerabilities are not easily uncovered by scanners without human interaction, and those are some of the vulnerabilities we find most often on penetration tests.
2nd Sight Lab stopped offering stand-alone scans due to the fact that they simply do not provide adequate security coverage.
More about 2nd Sight Lab's Penetration Testing Services
Security Presentations: https://www.slideshare.net/teriradichel
Security Research: https://medium.com/cloud-security
Contact: https://linkedin.com/in/teriradichel
2nd Sight Lab performs manual security testing as part of our penetration testing service. Manual security testing involves a walk through of the website to find as many pages and endpoints as possible including some the automated tools may have missed.
We also manually spot check and test various components and perform tests that a scanner alone cannot test without human interaction. In some cases, additional manual testing is performed in conjunction with reverse engineering that reveals more information about the target.
Some types of logic errors are not discovered by scanners because they require some understanding about the functionality of the application. Certain steps may need to be performed in a particular order to access a particular code flow. Or, on the other hand, steps taken out of order may produce a vulnerability.
Some types of access errors and insecure direct object reference (IDOR) vulnerabilities are not easily uncovered by scanners without human interaction, and those are some of the vulnerabilities we find most often on penetration tests.
2nd Sight Lab stopped offering stand-alone scans due to the fact that they simply do not provide adequate security coverage.
More about 2nd Sight Lab's Penetration Testing Services
Security Presentations: https://www.slideshare.net/teriradichel
Security Research: https://medium.com/cloud-security
Contact: https://linkedin.com/in/teriradichel