Trustwave branches out into application pen-testing

News by Richard Thurston

The security services company is to try to help enterprises protect their web-based apps from attacks like SQL injection, buffer overflow and cross-site scripting

Trustwave is to extend its security services to include application penetration testing.

The company, which specialises in payment card industry (PCI) compliance, already offers services like secure email and forensics. It also offers more covert services like electronic surveillance and the investigation of industrial espionage.

Trustwave's application pen-testing servicesĀ are aimed to highlight exploitable vulnerabilities in corporate web-based apps. Tests include logic flaws, input validation, buffer overflow, cross-site scripting, URL manipulation and SQL injection, the company said.

Trustwave also plans a service in which it will work with internal developers to improve the development process. It will additionally conduct inspections of application source code.

The services will be led from the company's SpiderLabs security teams in Chicago and London.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews