Website audit is the full analysis of all factors, which affects the performance and security of a website. It is very important for websites, no matter how many visitors they attract and how huge they are, to make a full audit once in a while. Knowing what is happening with your website is a must for every owner.
The question is – what can be done to increase the security level of your website and additional applications? Here comes the detailed audit. In a few steps I’m going to cover the process what Eurocoders’ experienced team do when doing an audit.
We begin with fully examination of the site. There is 4 types of penetration test we do: external, internal, software / application tests and physical tests.
In the external test we simulate what the attacker will try to do and test the environment. During the process we test routers and firewalls, web applications, hardware devices (such also can be company cell phones and Internet of Things), as well as social engineering.
The internal penetration test is made to reveal the state of all internally network related aspects like switches, shared folders and etc., as well as IP address schema, OS details and source code. The hardware devices for internal use are also checked – these can be printers, cameras, end-points and many more, which are connected to the network and can give access to the attacker.
We check all the static and dynamic code of your website – before and after deployment. All internally and externally developed applications also should be carefully checked. In physical test we use the following techniques: phishing, vishing, pretexting, baiting and tailgating to check for vulnerabilities.
If a treat is found, we create a plan and detailed steps in order not only to remove the treat, but also to prevent such in the future. While cleaning the issue, we make sure to document everything carefully. After we get rid of it, it’s mandatory to perform the steps of recovering the system and the whole environment.
It's important to remember that audit will help you improve the quality and safety of your website!