The Ultimate Website Audit, Vulnerability Assessment

We offer to carry out a comprehensive website audit, which would provide answers to the following essential questions:
- whether the website is infected with malware;
- whether it is adequately protected against intrusion and unauthorized activities;
- whether development of the website has been conducted in accordance with the search engine optimization (SEO) criteria;
- whether it is suitable for mobile users?
The audit is comprised of 3 components.

The technical audit includes initial website research and information collection, which is the basis for the further audit process. Data on the website’s domain, IP addresses, server software is collected, the HTML code is studied verifying the existence of errors in it. A website map is created with its available resources and page addresses, an analysis of website navigation and internal links is carried out, as well as its suitability for mobile users is determined.

Security audit is carried out using the well-known OWASP methodology. The inspection involves searching for potential malware in the website`s code and data, identification of such significant vulnerabilities as SQL injection, XSS, session management, and authentication risks.

During the search engine optimization (SEO) audit process the factors that influence the position of the website in Internet search engines are analyzed, and therefore its reputation and popularity. Website code, website addresses, content, keywords and hyperlinks are analyzed on the basis of the SEO criteria.

When doing a website research, the so-called “black box principle” is used, which means that the inside information about the system is unknown, the customer only announces the address of his site. Upon completion of the audit, the customer receives a report listing and technically documented the revealed errors and vulnerabilities, as well as providing recommendations for their correction.