1. Check Company security policies in place.
  2. Check if there is regular monitoring of all aspects of security.
  3. Regularly scheduled security testing.
  4. Check for encryption enabled wherever required.
  5. Reconnaissance
  6. Threat Modeling
  7. Vulnerability Analysis
  8. Exploitation

For database check for

  1. Default accounts and passwords
  2. Easily guessed passwords
  3. Missing Patches
  4. Mis configurations
  5. Excessive Privileges/Parameters


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *