1. Check Company security policies in place.
  2. Check if there is regular monitoring of all aspects of security.
  3. Regularly scheduled security testing.
  4. Check for encryption enabled wherever required.
  5. Reconnaissance
  6. Threat Modeling
  7. Vulnerability Analysis
  8. Exploitation

For database check for

  1. Default accounts and passwords
  2. Easily guessed passwords
  3. Missing Patches
  4. Mis configurations
  5. Excessive Privileges/Parameters

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *