We work closely with IT security experts to ensure EngagementHQ meets the highest standards of web application security. Quarterly tests are undertaken to scan EngagementHQ for potential vulnerabilities and to simulate a variety of attacks.
The report of the Vulnerability Assessment and Penetration Testing (VAPT) of EngagementHQ, carried out by an independent certified security tester can be provided upon request. Please get in touch with us via chat or email at support@engagementhq.com to request your copy.
Our quarterly vulnerability testing covers the OWASP top ten and other common vulnerabilities such as:
Injection – SQL, Command, CSS, Textile
Session management
Cross Site Scripting
Insecure Direct object reference
Security Misconfiguration
Sensitive Data disclosure
Privilege escalation/Access Control
Cross-Site Request Forgery – CSRF
Components with known vulnerabilities
Redirects and Forwards
File Uploads
You can carry out a penetration test, if it is a requirement for your organisation. However we do ask that you provide prior notice so we can provide you with a suitable environment for your testing.