Portal information security audit
We conduct portal information security audits on Bitrix24 and 1С-Bitrix: Site Management. We identify threats and develop recommendations to eliminate them.
We check any box-based solution you have deployed on the Bitrix platform on your own or with the help of external integrators, as well as any additional modules and applications installed by your system administrator (for example, solutions downloaded from Marketplace that have received uncontrolled access to the entire system).
We help minimizing risks:
- 
				Personal data leaks 
- 
				Unauthorized access to trade secrets 
- 
				Payment system hacking 
- 
				Crash of site due to DOS and DDOS attacks 
We check portal security:
- 
				At application level 
- 
				At server software level 
We search for all types of vulnerabilities:
- Cross Site Scripting 
- SQL-injection 
- PHP-injection 
- HTTP Response Splitting 
- HTML code injection 
- File Inclusion 
- Directory traversal 
We work on any model you choose:
- 
				Black Box We do not know how the system is built 
- 
				White Box You provide us with all the details of the implementation of the system under test 
- 
				Grey Box We know some features of the system implementation 
Types of penetration testing (pen test)
- 
				External Assessing whether the network protection perimeter could be crossed and unauthorized access to critical resources could be gained. 
- 
				Internal Assessing the protection against attacks from an insider with physical access to the system and the ability to connect to the local area network. 
Cooperation options:
- 
				Under a one-time contract 
- 
				As part of technical support