Talbytech provide website vulnerability assessments. These assessments are crafted to determine if the hosting infrastructure have any current, unresolved vulnerabilities.

The assessment is performed using non-intrusive methods, leveraging web api calls and default user credentials to identify issues within the website, and are performed without exploiting any privilege escalations. Also, no brute force methods including cipher cracking or network level attacks are performed.

Port scans can be performed on request on external and internal networks including wifi portals

All identified weaknesses are documented and recommendations for remediation are provided. These can include:

Web server, application and operating system version(s) Default files stored in the web root directory Database vulnerabilities

The methods to be used are agreed commencing the tests, and are detailed in the report provided.

This assessment is not a PCI compliance assessment, it is a general assessment intended to identifiy if a website is reasonably secure and determine if more intrusive testing is required.