Web Application Health Check

If your web applications involve confidential data and web programming technologies (PHP, JSP, ASP, etc), a health-check scan can scrutinize the applications for potential security risks or vulnerabilities. After scanning, you will receive a technical report identifying the potential security risks. The report prioritizes vulnerabilities and help developers to pinpoint what they need to fix first.

Available To
Staff
Service Fee

Free

Service Hours

Office Hours

Getting Started

Please press the button below to request a health-check scanning for your website.  You will need to login with your ITSC username and password and give us some information of your website for the scanning to start.

 

Web Application Health Check

 

Cautionary Notes

Health-check scanning can be invasive and may cause stress, script execution and email generation, depending on the functionality provided by your applications. Given this, ITSC would prefer to scan your website in a testing or development server and for all sensitive information to be masked or removed. You are also advised to fully back up your website before the scan starts.

During the scan, your website may experience:

  • Email generation and script execution to external systems
  • Modification or deletion of records
  • Excessive log file generation
  • Performance degradation and system stress

 

Application and Server Cloning

Besides scanning your application or website on a testing server as recommended, to avoid the potential drawbacks to affect your production systems, we now offer an option to clone your applications or websites and then arrange health-check scanning in a sandbox environment which is isolated from your existing or production systems.

If your applications or websites depend on other servers (e.g. a database hosted in another server), those servers will also need to be cloned into the sandbox environment for health-check scanning. You will need to assign a technical person to manage the cloned applications or websites in case they have problems after the cloning.

 

Advanced Scanning

You have an option to increase the accuracy of the scanning by installing a script in your application/website. When you select this option, we will generate a script and you install it in your application/website for scanning. If you have also selected cloning, you will only need to install the script in your cloned server.

Please note that this option is only available to PHP, .NET or Java applications. Applications/websites hosted in iHost will be automatically enabled for advanced scanning. For more information on how to install the script, please go to https://www.acunetix.com/support/docs/installing-acusensor/.

 

When to Scan

Upon receiving your request, we will inform you about the estimated time to start the scanning and the server cloning arrangements (if any). A scanning will roughly last around 3-7 days.  If your scanning last longer than 5 days, you may contact us to stop the scanning and have the intermediate scanning results. 

We normally recommend carrying out a scan before your web application is launched and after major changes to your web application.

 

Related Tools

ITSC uses Acunetix for scanning. This software also offers a free 14-day trial edition for testing. More information about Acunetix and common vulnerabilities is available at:

 

Programming Related Issues

Learn More

Please visit the following links to learn more about application security information or services.