Web application security is one component of an overall IT security program. A web application is any form of application or service that is accessed through a web browser, or at least relies on the internet to deliver services.

When we look for vulnerabilities specifically within a web application, this is often done within the context of a wider system vulnerability assessment – though such assessments can also cover only one specific application (especially if it is critical to normal operations).

What a web application vulnerability assessment will look for may include:

  • Identifying exceptions (within the application) to the security policy of the underlying system.
  • Identifying security flaws based on the design, development, deployment, upgrade, or maintenance of the application.
  • Analyzing, classifying, and prioritizing assets within the application.
  • Identifying security vulnerabilities within the application.
  • Determining what attack vectors can exploit these vulnerabilities.
  • Suggesting safeguards and/or countermeasures that remove or mitigate those risks.

 

Purpose of a Web Application Security Scan:

Information gathered from a web application vulnerability assessment should be used to improve web application management, so as to provide a better system design and risk mitigation strategy.

 
