Portal information security audit

Portal information security audit

We conduct portal information security audits on Bitrix24 and 1С-Bitrix: Site Management. We identify threats and develop recommendations to eliminate them.

We check any box-based solution you have deployed on the Bitrix platform on your own or with the help of external integrators, as well as any additional modules and applications installed by your system administrator (for example, solutions downloaded from Marketplace that have received uncontrolled access to the entire system).

We help minimizing risks:

  • Personal data leaks

  • Unauthorized access to trade secrets

  • Payment system hacking

  • Crash of site due to DOS and DDOS attacks

We check portal security:

  • At application level

  • At server software level

We search for all types of vulnerabilities:

  • Cross Site Scripting

  • SQL-injection

  • PHP-injection

  • HTTP Response Splitting

  • HTML code injection

  • File Inclusion

  • Directory traversal

We work on any model you choose:

  • Black Box

    We do not know how the system is built

  • White Box

    You provide us with all the details of the implementation of the system under test

  • Grey Box

    We know some features of the system implementation

Types of penetration testing (pen test)

  • External

    Assessing whether the network protection perimeter could be crossed and unauthorized access to critical resources could be gained.

  • Internal

    Assessing the protection against attacks from an insider with physical access to the system and the ability to connect to the local area network.

Cooperation options:

Order an audit