Website audit and why to do it
May 29th 2020 / Programming
A website audit is the full analysis of all factors, which affects the performance and security of a website. It is very important for websites, no matter how many visitors they attract and how huge they are, to make a full audit once in a while. Knowing what is happening with your website is a must for every owner.
The question is – what can be done to increase the security level of your website and additional applications?
Here comes the detailed audit
In a few steps, I’m going to cover the process that Eurocoders’ experienced team do when doing an audit.
We begin with a full examination of the site. There are 4 types of penetration tests we do: external, internal, software/application tests and physical tests.
- In the external test, we simulate what the attacker will try to do and test the environment. During the process, we test routers and firewalls, web applications, hardware devices (such also can be company cell phones and Internet of Things), as well as social engineering.
- The internal penetration test is made to reveal the state of all internal network-related aspects like switches, shared folders and etc., as well as IP address schema, OS details, and source code. The hardware devices for internal use are also checked – these can be printers, cameras, end-points, and many more, which are connected to the network and can give access to the attacker.
We check all the static and dynamic code of your website – before and after deployment. All internally and externally developed applications also should be carefully checked. In the physical tests, we use the following techniques: phishing, vishing, pretexting, baiting, and tailgating to check for vulnerabilities.
If a treat is found, we create a plan and detailed steps in order not only to remove the threat but also to prevent such in the future. While cleaning the issue, we make sure to document everything carefully. After we get rid of it, it’s mandatory to perform the steps of recovering the system and the whole environment.
It's important to remember that audit will help you improve the quality and safety of your website!