We work closely with IT security experts to ensure EngagementHQ meets the highest standards of web application security. Quarterly tests are undertaken to scan EngagementHQ for potential vulnerabilities and to simulate a variety of attacks.

The report of the Vulnerability Assessment and Penetration Testing (VAPT) of EngagementHQ, carried out by an independent certified security tester can be provided upon request. Please get in touch with us via chat or email at support@engagementhq.com to request your copy.

Our quarterly vulnerability testing covers the OWASP top ten and other common vulnerabilities such as:

  • Injection – SQL, Command, CSS, Textile

  • Session management

  • Cross Site Scripting

  • Insecure Direct object reference

  • Security Misconfiguration

  • Sensitive Data disclosure

  • Privilege escalation/Access Control

  • Cross-Site Request Forgery – CSRF

  • Components with known vulnerabilities

  • Redirects and Forwards

  • File Uploads

You can carry out a penetration test, if it is a requirement for your organisation. However we do ask that you provide prior notice so we can provide you with a suitable environment for your testing.


Did this answer your question?