Someone is needed that can prepare our system to do the following:
Production-safe testing
The Veracode dynamic scan engine is designed to test production web applications with minimal impact, and uses testing approaches that do not harm the site or accidentally delete data. For example the Veracode SQL injection test patters use the timing-based methods that append to the existing query without altering its logic. In addition , the XSS test strings inject JavaScript that is benign and does not execute outside the embedded browser used by the Veracode dynamic scan engine.
Dynamic Scan: Perform deep analysis of web applications , using customized scans ,crawl, and authentication settings to establish a deep understanding of the vulnerabilities of a single web application . Dynamic scans simulate malicious uses behavior and detect potential attack points by crawling the application and checking if intended functionality can be misused. This type of scan is necessary if the web application and its security are critical to your business.
We always rather point the Veracode engine at the UAT or Dev site. We will not be hacking to the site.
I have been acknowledged and paid by top most companies for finding loopholes and major flaws in their websites. Have more than 3 year of experiences in web security testing, Did penetration testing on web and mobile apps. Handled more than 50+ Web Portals
I can do the required security assessment, the Veracode automated assessment in undoubtedly great but you can get better results through professionalized manual testing. I can perform that testing on your application,
Hi - I'm not 100% clear on the scope. It looks like you want to run Veracode's scanner over your website? If we could clarify the scope I may be able to reduce my bid :-)
I have 8+ years in web security. I hold CISSP,CISM,OSCP and CREST Registered Penetration Tester certificates and I am well versed in web security
I am Rashmi Uttarwar.I am senior tester with 6.3 years of industry experience in Software QA and Testing Services.
Experience in Integration,System,Regression,Re-Testing,Risk Based & User Acceptance (UAT) Testing, security Testing.