Wednesday, May 29, 2013

Penetration testing must be a part of the your web strategy because all it takes is one malicious attack....

If, like most people that grew up in the late 20th century, you are a Bill Watterson fanatic – Then you will surely remember getting a kick out of this (pun intended). http://bestofcalvinandhobbes.com/2011/10/a-swifty-kick-in-the-butt-is-for-sale/


While the humor in these is sufficient reward, many times you can draw on Bill’s caricatures for real life learning. In this case, I immediately associate it with any company that has an online presence but is not conducting periodic sweeps of its website to test its own vulnerability. Obviously “a kick in the butt” is not an academically precise comparison but it’s a start and maybe just what the doctor ordered. 

While CTO’s are aware of increasing vulnerabilities to their websites, they are content with the “I have never been hacked, so why should I care?” philosophy. To this line of thinking, I rebut with “All it takes is once”.

If you hold customer information, you have an obligation to be pro-active in plugging holes within your portal. If you lose client confidential information once, you lose much more than immediate revenue. You lose trust which will affect future streams of revenue. Negative publicity spreads way faster than compliments. The only reason this will not bother you is if you are a one-man tea stall on a lonely road with no ambition whatsoever to grow. In that case, may I ask what you’re doing online? 

While following standards in secure web design will get you most of the way there, smarter people will inevitably find a way around it. In comes “penetration testing”. HackVidhi’s super smart team of programmers are standing by to get their hands dirty by “ethically hacking” your website before malicious hackers get a chance to.  

Penetration testing is not typically a scripted model. There are no clear steps 1 and 2 and 3 to follow. It’s a skill that’s learned over multiple hours of reading, experimenting and …you got it, ethically hacking websites. To boot, you cannot be an ethical hacker without already being a web designer. Consequently, this team is already well versed with web design and can school your web design team on establishing best practices and check points for secure design. 

If this has somewhat caught your attention and you have another 2 minutes before those pop tarts pop in your microwave, go on to http://hackvidhi.com/PenTesting.php for a pictorial overview of our services and shoot us an email for a free first round of penetration test. You have no obligation to continue, you get a free report outlining the first couple of issues found (if any) and you now have a better idea of how your web design will hold up to intrusions. If you do see value in our services, we will contract with you for periodic penetration testing and function as an extension to your current development and test team. Our paid services can also serve as part of your audit needs to showcase that you are taking necessary steps to protect your private data and those of your clients.

If you have any questions or want to get started simply shoot us a quick email here - contactus@hackvidhi.com

No comments:

Post a Comment