iViZ - Qualys Partnership for Comprehensive Cloud-Based Web Application Penetration Testing

A Strategic partnership that combines the strengths of both organizations by coupling the highly automated testing of QualysGuard Web Application Scanning (WAS) with iViZ's Penetration Testing Technology and comprehensive manual testing.

The key highlights of the Pen Testing solution are

  • Highly Scalable Qualys automated scanning
  • Vulnerability Validation with "Zero False Positive Guarantee" by iViZ
  • High Quality Business Logic Testing by iViZ

 

Business Logic Vulnerability Testing

How the Application Penetration Testing Works?

With the new partnership, iViZ will use QualysGuard WAS to perform automated web application scans. Then iViZ will use its Web Application Penetration Testing technologies, combined with manual validation of the findings, and perform business logic testing to achieve comprehensive web application testing. The solution is delivered in 4 steps:

iviz security testing
  • Attack Surface Analysis, Threat Modeling and Test Configuration
  • Automated Test by Qualys WAS engine
  • Validation of Vulnerabilities and False Positive Elimination by iViZ
  • Business Logic Testing and other Advanced Exploitation by iViZ

 

Zero false Positive Guarantee

Zero false Positive Guarantee

iViZ conducts high end Application Vulnerability / Penetration Testing with manual validation to ensure your application / website security. Reports are free from False Positive due to our hybrid approach of combining automated testing with manual validation.

  • False positive elimination through advanced heuristics, safe-exploitation and manual validation
  • No need to spend boring and costly human labor to remove false positives.
  • Proof of exploitation and Screen shots


Business Logic Vulnerability Testing

Business Logic Vulnerability Testing

iViZ conduct high end Application Vulnerability / Penetration Testing which combines automated application security testing with indepth manual business logic testing. The hybrid approach for application or website security discovers vulnerabilities missed by automated tools

  • Detect the most critical business logic flaws that cannot be discovered by tools
  • iViZ uses extensive work flow automation and thorough manual validation
  • Covers 100% of the 26 WASC (1) classes

 

Key Features of Application Penetration Testing

  • Highly scalable automated scans by Qualys
  • Vulnerability Validation and "Zero False Positive Guarantee" by iViZ
  • Business Logic Penetration Testing by iViZ
  • 100% WASC Class coverage
  • Access to an On Demand Cloud portal to start a test whenever you need to
  • Access via the portal to Reports in multiple formats and a Dashboard with Vulnerability Analytics

 

Free Trial- Web Application Penetration Testing

*The Web Application Penetration Testing solution is available through the iViZ cloud portal.

*You can register for free trial here