Requirement for Website Penetration Testing

Requirement for Website Penetration Testing

The overall aim of the project is to independently measure the effectiveness of security controls within the website.

Cranfield University

Contract summary

Industry

Computer and Related Services

Location of contract

MK43 0AL

Value of contract (£)

£0

Published date

15 February 2016

Closing date

24 February 2016

Contract start date

08 March 2016

Contract end date

04 April 2016

Description

The overall aim of the project is to independently measure the effectiveness of security controls within the website, from an external perspective, outline any vulnerabilities and recommend improvements. Specific objectives are: • Assess the level of exposure that the site could present • Assess whether access levels can be escalated (known as privilege escalation) • Assess whether an unauthorised user can modify the site contents for other users • Assess whether any forms on the site allow unauthorised modification of data outside their intended purpose (i.e. SQL Injection attacks) • Assess the level of this exposure from an external attack (in regards to the protection of data held in the system) to ensure that security controls and coding controls are fit for purpose • Measure the degree of compliance with good practice • Identify actions that will reduce any identified risks to an acceptable level • Recommend improvements in security controls to prevent unauthorised access and misuse of the service (i.e. obtaining data of registered users of the site)

About the buyer

Contact name

Simon Gibbs

Address

Cranfield

Beds

Cranfield

MK43 0AL

United Kingdom

Telephone

01234 758020

Email

s.gibbs@cranfield.ac.uk

Other information

Attachments

Additional information on how to apply for this contract

https://in-tendhost.co.uk/cranfielduni/aspx/

To register for this opportunity please use the URL link below:- https://in-tendhost.co.uk/cranfielduni/aspx/ Is a Recurrent Procurement Type? : No

How to apply

Please apply directly to the buyer using the contact details provided.

Enjoyed this post? Share it!