The majority of our assessment clients choose a full-disclosure approach to security assessments. They realize that this helps us maximize results in terms of vulnerabilities discovered thus providing the most value for a given cost. Other times assessment clients are interested in zero-knowledge assessments that simulate an attack from an outside threat with minimal knowledge...Read More

The main difference between our Basic and Standard web application security assessment services is that for Basic assessments, we only perform unauthenticated testing, unless of course we gain authenticated access through exploitation of some vulnerability. Our standard application security assessments test the application from both unauthenticated perspectives and authenticated perspectives of user roles in scope....Read More