Security Testing

Security Testing is an indispensable part of Web application development life cycle due to increase in privacy breaches in businesses and organizations. Testree embraces the industry standard testing methodology and keeps track of new vulnerabilities. Testree has repository of reusable Security test cases and gained proficiency in using Security testing tools (open source and industrial standard).


Testree helps to identify business risks that are caused by the security vulnerabilities on in-house developed applications, COTS products or third party applications. Testree offers the following solutions:

  • Web application penetration testing
  • Product security testing
  • Information Systems Risk Assessments / Security Audit
  • Security Policy and Process Design
  • Analyzing security vulnerabilities in the applications
  • Analyzing security quality of internally developed applications
  • Ensuring compliance with PCI standards, SOX, and HIPAA
  • Advice on fixing loopholes and future security vigilance plan

Value Proposition

Testree has expertise in performing security / penetration testing on the web applications. It follows the industry standard guidelines by Open Web Application Security Project (OWASP) and Web Application Security Consortium.

  • Comprehensive security analysis
  • Potential security issue coverage


More than one tool is required to accomplish security / penetration testing of web application. Tool evaluation is executed based on the nature of application and environment. Testree has expertise in using open and industry standard tools (IBM Rational AppScan, Web Inspect, Typhon III, WebGoat, and WebScarab).

Testree has expertise in testing web applications for OWASP Top 10 vulnerabilities, few of them are listed below:

  • Cross-Site Scripting (XSS) – (Session hijack, Track user activities, Browser exploitation)
  • Injection Flaws – (SQL injection, XPath injection, LDAP injection, SSI injection)
  • Malicious File execution
  • Insecure Direct Object Reference
  • Cross Site Request Forgery (CSRF)
  • Denial of Service
  • Buffer overflow
Contact our Consultant

USA: +1 732 985 9533
UK: +44 208 587 1411
Canada: +1 905 402 9943
Germany: +49 6131 28910 31
India: +91 80 41939400
E-mail Us:

Quality Assurance

A CMMI® Level 5,
ISO 9001:2000 and
ISO 27001:2005 certified company that lays a very high emphasis on quality and understands the importance of developing defect free solutions.

Nous Infosystems
Valid XHTML 1.0 Transitional