To be fair, testing software can be one of the less enjoyable parts of the applications development process, and testing the working environment for vulnerabilities perhaps one of the least enjoyable of all. It is also a task which, because it includes a fair degree of repeated processes, one that is well-suited to at least some level of automation. Having it delivered as a service is even better.
That is what DOSarrest Internet Security has just introduced with its new website Vulnerability Testing and Optimisation(VTO) service.
This is a comprehensive test that will intelligently trawl a website and find any vulnerabilities in the site’s coding, as well as analyse the structure of the website to see what can be optimised for better performance.
The Vulnerability portion of the scan is able to analyse web code while it is being executed, even for a very large site with dynamic pages. It tests them with a range of tools including the most advanced SQL Injection and Cross Site Scripting (XSS) analysers. A report is provided at the end that details all identified security breaches, including the line of code that is the culprit and information on how to fix it.
A secondary Optimisation scan is executed again on all pages within a website, applying best practice rule sets which identify what elements and design structure can be optimised, and how to do it. A DOSarrest security specialist can walk the customer through the report and retest if necessary.
“Our customers have come to greatly appreciate our efforts, to not only protect them from DDoS attacks, but to also assist their IT operations in securing their web servers in house ”, says Jag Bains, CTO of DOSarrest. “We are able to leverage our experience and expertise to provide our customers a framework for securing their operations. With web application hacking on the rise, the VTO service is taking our customer partnerships to another level”.
Canadian-based DOSarrest is one of only a couple of companies worldwide to specialise in only cloud-based DDoS protection services. Their global client base includes mission critical ecommerce websites in a wide range of business segments including financial, health, media, education and government.
Mark Teolis, GM of DOSarrest states, “We knew this was something we needed to add to our fully managed DDoS protection service, because every site we have tested so far has had security holes and/or poor performance, including our own website.”