We are also partnered with Veracode to provide static or dynamic binary code analysis for even deeper “inside-out” results. Our expert web application test consultants validate and interpret these results, and subsequently can help to guide code remediation and strategies.

Because of our reputation for deep analysis, Banks and service providers rely on our testing for web applications such as:

  • Online banking
  • Remote deposit
  • Investment Services
  • Mobile banking
  • Secure File Exchange
  • Lock Box
  • Marketing websites

Our testing uncovers over 99% of technological security issues, including but not limited to:

  • Insecure Cryptographic Storage
  • Command Injection
  • Cross Frame Scripting (XFS)
  • LDAP Injection
  • SSL/TLS Configurations
  • HTTP Parameter Pollution 
  • HTTP Verb Tampering
  • Open Redirection
  • Improper Error Handling
  • Browser Autocomplete
  • File Extension Filters
  • Web Server Configurations
  • SQL Injection
  • Cross Site Request Forgery
  • Code Injection
  • Cross Site Scripting (Reflected, Stored, DOM based)
  • Authorization Bypass (Horizontal and Vertical)
  • Authentication Bypass (Horizontal and Vertical)
  • SSI Injection
  • XML Injection
  • Session Management
  • Secure Data Transmission
  • Path Traversal
  • Local File Inclusion
  • Remote File Inclusion

With our specific knowledge of financial systems and regulatory guidance, Bancsec excels at exposing and correcting problems that could lead to compromise of customer account information and funds transfers.