All Procommerce systems will be tested multiple times automatically and manually. The security testing is performed using OWASP methodology following the OWASP Application Security Verification Standard version 4. Our goal is to minimise the risk of cyber incidents as much as possible and keep processed data safe.

During the audit we test for OWASP top 10 web Application security risks:

• A01:2021-Broken Access Control
• A02:2021-Cryptographic Failures
• A03:2021-Injection
• A04:2021-Insecure Design
• A05:2021-Security Misconfiguration
• A06:2021-Vulnerable and Outdated Components
• A07:2021-Identification and Authentication Failures
• A08:2021-Software and Data Integrity Failures
• A09:2021-Security Logging and Monitoring Failures
• A10:2021-Server-Side Request Forgery

Our subscription based service includes monthly security health check ups that are automatic DAST scans. During the monthly scan the application interfaces will be checked for input validation issues and security configuration flaws.

During the monthly audit we check:

• Do all the application interfaces continue to properly validate inputs
• Do all the necessary access controls still apply
• Deployed 3rd party javascript components for known vulnerabilities

Security testing will be executed by certified security specialist.

Certified Network Defender

Certified Ethical Hacker

https://owasp.org/www-project-top-ten/