AboutWeb offers a wide range of cybersecurity services including:
- Security Architecture
- Security Audits
- Network and Server Security Scanning
- Penetration Testing
- Code Reviews
- NIST 800-53 Compliance Reporting
AboutWeb has extensive experience working with the Federal Government and can help your agency meet their security requirements including FISMA, FIPS, and NIST 800-53. AboutWeb uses a combination of commercial and open sources tools as part of our security practice. Our partnership with FireEye allows us to bring state of the art security appliances to secure your infrastructure. We also employ other industry standard tools such as Nessus(tm) for network security scanning and HP Fortify(tm) for static code analysis. Our long-standing Adobe partnership and extensive experience with Adobe products combined with our security expertise gives us the unique ability to secure ColdFusion applications and provide PDF-based document security.
Our Security Architects have performed numerous system security audits and policy development for government agencies that include the Nuclear Regulatory Commission (NRC), the National Institute of Standards and Technology (NIST), and the U.S. Department of Agriculture (USDA).
Web Penetration Testing
AboutWeb has extensive experience with web penetration testing, using a combination of automated and manual tools such as OWASP Zed Attack Proxy (ZAP). We have a ZAP evangelist on staff that can perform web penetration testing against your applications or assist in configuring your own internal testing.
One-Day Security Audit
AboutWeb offers a one-day security audit service for Web applications. This service includes a review of the Web Server configuration, application server configuration, and code review for the OWASP Top 10 Web Vulnerabilities. While not as in depth as a full security audit, this service provides an insight into the types of vulnerabilities that are present in Web applications.