
Application Security Audit


An Application Security Audit is an assessment of the security risks associated with your web applications and client-server applications: both those that have external exposure via the internet (such as web shops and customer portals) and those that are part of the internal workings of your organisation (such as your finance system or customer relationship management software).

As part of an Application Security Audit, Dionach will carry out a security assessment of:

  • The design of each component
  • Web site communications
  • Application layer
  • Web services
  • Database
  • Interfaces

Our experienced and qualified consultants will sample code from sensitive areas such as authentication, database calls, validation, business rules and configurations to ensure the highest security is in place.

A Dionach Application Security Assessment will audit against relevant sections of the information security standard ISO 27001, specifically:

  • Communications and operations management
  • Access control
  • Information systems acquisition, development and maintenance
  • Business continuity management

Where required, Dionach will also review application development policies and procedures, including coding standards, and give you advice for avoiding security risks in the future.

The output of a Dionach Application Security Audit is a report with a non-technical overview of the impacts and likelihood of the most serious security issues, coupled with full details of the audit undertaken, more comprehensive descriptions of the individual issues, and recommendations for resolution.

We prefer to deliver this Application Security Assessment report face to face to enable discussion and full comprehension of the risks identified. We also make our auditors available for further meetings and discussions with those who are tasked with fixing any issues.

Contact us to discuss how we can help you.