Technology

OUR COMMITMENT TO INNOVATION ENABLES US TO PROVIDE OPTIMAL WEB SITE SECURITY.

GamaSec provides the industry-leading cloud-based (SaaS) solution for identifying web site and web application vulnerabilities. Built from the ground up on a completely different technology backbone than its competitors, GamaSec goes beyond traditional signature-based scanners to find more “real-world” vulnerabilities based on deeper and more granular inspection.

GamaSec incorporates multi-layered threat analysis methods that operate on scanned objects to effectively detect possible malware attack. Heuristic technology is combined with Malicious Content Detection engine providing complete break-down of the malicious web content to provide an innovative Malware detection.

GamaSec scanner explores the entire Web application environment and registers its structure and contents. Then it mimics actual hacking methods to identify and uncover the details of any point that is vulnerable to an attack including:

  • SQL Injection Attack - Attempt to get the database server to execute arbitrary SQL.
  • Cross Site Scripting Attack - Attempt to coerce the program to outputting third party Javascript.
  • Parameter Manipulation Attack - Attempt to manipulate input to application validation and filtering.
  • Code Injection Attack - Attempt to execute arbitrary code.
  • Hidden Tag Issues – Attempt to retrieve sensitive information, such as price, hard coded into forms using hidden tags.

The web scanner can be used to discover a wide range of vulnerabilities and, following detection, actually recommends solutions designed to protect the vulnerable data.

Application Vulnerability attacks covered by GamaScan

  • SQLl Injection
  • Blind SQL Injection
  • Installation Path Disclosure
  • Net Exception
  • Command Execution
  • PHP Code Injection
  • Xpath Injection
  • CRLF Injection
  • Directory Traversal Disclosure
  • Scrip Language Error
  • URL Redirection
  • Remote File Inclusion
  • LDAP Injection
  • Cookie Manipulation
  • Source Code
  • Cross-Site Scripting
  • Cross-Frame Scripting
  • Internal IP Disclosure

General Tests covered by GamaScan

  • Web Servers
  • Web Server Technologies
  • HTTP Methods
  • Backup Files
  • Directory Enumeration
  • Directory Indexing
  • Directory Access
  • Directory Permissions
  • Sensitive/Common Files
  • Third party Application

GamaScan not only identifies the security vulnerabilities and detection of Malware in the customer’s web site, but also recommends the most appropriate solution. The fix or workaround solution is identified & implemented when you need it and not when it's too late!