
Top Selling Extension Winner
2 times in a row - 2017 & 2018
Ecommerce Security Audit Basic Plan
- Description
- Reviews
- FAQ
- Customers ()
- Specifications
- Cloud Hosting
- Changelog
Ecommerce Security Audit Basic Plan: This is a basic security audit service that identifies vulnerabilities like cross-site scripting, guessable credentials, unattended application security flaws and other misconfigurations.
Under this plan, security experts will audit your eCommerce store against general security guidelines and will find out vulnerabilities and logical flaws. The key focus of this plan is to find out possible misconfigurations and loopholes in your eCommerce store.
Ecommerce Security Audit Basic Plan Includes -
- Checks misconfigured HTTP headers.
- Checks session and cookies handling.
- Identifies platform specific known vulnerabilities.
- Checks cryptographic algorithms.
- Evaluation of server fingerprinting.
- Evaluation of SSL ciphers and protocols.
- Evaluation of network ports and protocols.
- Check against password brute force.
Noteworthy Points:
- This service requires a website URL.
- No aggressive scanning would be performed.
- If the website is in production mode, we recommend customers to provide the staging website, else customers can provide the time window of least traffic hours when a website has minimum to zero traffic to avoid the impact of audit on the business.
- After the audit, a report listing vulnerabilities and recommendations will be shared with the customer only.
- Since this service does not involve aggressive methodologies, it will not cover in-depth.
- security assessments and penetration testing.
- No bug fixing and security patching will be included in this service.
- Security vulnerabilities identified will be presented to the customer and will ensure that risk has been addressed.
- Any vulnerability which may have been discovered or any public exploit made available after sharing of report does not come under this audit.
- Due to the nature of security testing, the lack of discoverable flaws and loopholes does not mean the software is fully secure.
- After sharing of report, any changes in configuration, infrastructure or any update applied on host at software/hardware level that may cause security impact on system, invalidates the submitted findings of the report.
- The way of finding vulnerabilities may not be representing all the possibilities, although this service tries to cover the major ones.
- This module will audit the website only against the listed features of this plan.
Support -
For any query or issue please create a support ticket here http://webkul.uvdesk.com/
Ecommerce Security Audit Basic Plan
Does this plan include OWASP top 10?
This service covers only a few of them.
Do I need to provide server credentials for the audit?
Not mandatory. This plan requires a website URL only. However, read-only ssh credentials will help security experts in the analysis.
My website is in production mode, could this security audit service cause an adverse impact on my website and business?
For audit, staging website is mainly preferred, else the customer can provide time window of least traffic hours when production website has minimum to zero traffic to avoid the impact of audit on the business. In this way, a security audit will not affect your business.
Does it involve all security patches in the audit?
No patches will be done, only suggestions will be provided in the report.
Once I have fixed the issues, does revalidation of issues includes extra cost?
No, there will not be any revalidation cost for the issues listed in the security audit report. Revalidation should not be considered as reaudit as only those issues will be validated that are already pointed out in the previous report.
Does this service cover PCI DSS or any other compliance compatibility?
No, this is a general security audit service.
Move to Cloud Today
AWS Free tier hosting for one year by amazon web services, for more details please visit AWS Free Tier.
GCP Free tier hosting for one year with 300 credit points by google cloud platform, for more details please visit GCP Free Tier.
Azure free tier hosting for one year with 25+ always free services, for more details please visit Azure Free Tier.
In our default configuration we will provide tremendous configuration for your eCommerce Website which is fast to load and response.
Default Configuration Details of Server
- 1 GB RAM
- 1 Core Processor
- 30 GB Hard Disk
- DB with 1 GB RAM and 1 Core Processor
* Server Configuration may vary as per application requirements.
Want to know more how exactly we are going to power up your eCommerce Website with Cloud to fasten up your store. Please visit the Cloudkul Services.
Get Started with Cloud