
Case Study #13 (Web Application and Network Security Vulnerability Assessment)

Web Application and Network Security Vulnerability Assessment
The Business Need
A UK-based Financial Services major had deployed a web-based Corporate Document
Portal (CDP) to share sensitive information such as bank statements, tax statements
and credit profiles with its customers. The foremost requirement of this web
application was to provide privacy and confidentiality for all client documents.
The client had engaged a third-party vendor to develop, customize and deploy the
application.

The client proactively foresaw the grave risks of exposing the CDP application on the
web. Sensitive documents needed to be accessible to the client's customers on an
anywhere, anytime basis over the Internet. The client and its customers were
concerned about the possibility of misuse arising from the web presence, misuse that
could originate from any corner of the world. Owing to the rise of web application
attacks in recent years, the need for a secure application had become critical.
Confidentiality and privacy of the data in the documents were of paramount importance.
At this point the client approached Cognizant to assess the security risks in its
web application.

Cognizant Solution
Cognizant took responsibility for ensuring a secure and risk-free presence of the
CDP application on the Internet. The Security team at Cognizant, with its
specialization in web application vulnerability assessments, chose to perform a critical
examination of the portal for application-level vulnerabilities. The approach
combined automated tools with manual techniques. A three-phase approach was
adopted to conduct the application security assessment.

At first, Cognizant profiled the application to understand the various functions each
user was entitled to access and mapped the list of authorized functions against each
user.

In the second phase, the application was tested for the presence of vulnerabilities
including:
• Access violations
• Web application attacks such as Cross Site Scripting, SQL Injection, OS
Command Injection, Path Traversal, Null Bytes, Cookie Poisoning, Hidden
Field Manipulation, Brute Force, Session Hijacking, Session Replay and Buffer
Overflow

The third phase mainly covered vulnerabilities that may have been introduced by
insecure deployment. Known vulnerabilities published by sources such as Security
Focus, CERT and CVE.MITRE were tested against the application environment, such
as the web server.
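The access-violation testing in the first two phases comes down to one check: take the entitlement map built during profiling (which roles may call which function) and confirm that the running application enforces exactly that, for every role including an unauthenticated user. The script below is an added example written for this page; it is not Cognizant's custom Access Verifier tool or any code from the case study. The authorization matrix, the role names and the `stub_portal` stand-in for the application are all constructed for illustration; in a real assessment the probe callable would issue an authenticated HTTP request per (role, function) pair and return the status code.

```python
"""Access verifier: compare observed authorization against the entitlement map.

Added example for this case study; not the vendor's tool. All data is constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Set, Tuple

# Phase 1 output (constructed): which roles are entitled to each portal function.
AUTH_MATRIX: Dict[str, Set[str]] = {
    "/help": {"anonymous", "customer", "admin"},
    "/documents/statements": {"customer", "admin"},
    "/documents/credit-profile": {"customer", "admin"},
    "/admin/users": {"admin"},
}
ROLES: Tuple[str, ...] = ("anonymous", "customer", "admin")

# Status codes the portal uses to deny access (302 = redirect to the login page).
DENIED = {302, 401, 403}


@dataclass(frozen=True)
class Violation:
    role: str
    path: str
    expected: str   # "granted" or "denied", from the entitlement map
    observed: int   # HTTP status actually returned
    severity: str   # "high" for excess access, "medium" for a wrongly denied user


def stub_portal(path: str, role: str) -> int:
    """Constructed stand-in for the application under test.

    Returns an HTTP-style status. The credit-profile route deliberately lacks
    its login check, modelling the 'anonymous access to a protected area'
    class of finding described in the case study.
    """
    if path not in AUTH_MATRIX:
        return 404
    if path == "/documents/credit-profile":
        return 200  # missing authentication check (constructed defect)
    if path.startswith("/admin/") and role != "admin":
        return 403
    if path.startswith("/documents/") and role == "anonymous":
        return 302  # unauthenticated users are redirected to login
    return 200


def classify(status: int) -> str:
    """Map a status code to the access outcome the verifier compares against."""
    if status == 200:
        return "granted"
    if status in DENIED:
        return "denied"
    return "error"


def verify_access(
    matrix: Dict[str, Set[str]],
    roles: Tuple[str, ...],
    probe: Callable[[str, str], int],
) -> List[Violation]:
    """Probe every (function, role) pair and report mismatches with the matrix.

    Excess access (a role reaching a function it is not entitled to) is the
    security finding; a wrongly denied entitled role is a functional defect
    worth reporting too, so both directions are returned.
    """
    findings: List[Violation] = []
    for path, allowed in sorted(matrix.items()):
        for role in roles:
            status = probe(path, role)
            expected = "granted" if role in allowed else "denied"
            if classify(status) != expected:
                severity = "high" if expected == "denied" else "medium"
                findings.append(Violation(role, path, expected, status, severity))
    return findings


def report(findings: List[Violation]) -> List[str]:
    """Render findings as one line each, for inclusion in an assessment report."""
    return [
        f"[{f.severity}] {f.role} -> {f.path}: expected {f.expected}, got HTTP {f.observed}"
        for f in findings
    ]


if __name__ == "__main__":
    for line in report(verify_access(AUTH_MATRIX, ROLES, stub_portal)):
        print(line)
```

Because the verifier only depends on the `probe` callable, the same matrix can be re-run after the vendor ships a fix, turning the one-off finding into a regression check; a clean run returns an empty list.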

One of the important findings from Cognizant's team was possible anonymous
user access to protected areas of the application. A comprehensive report was
presented to the client that laid out the vulnerabilities identified, describing
the severity levels and the impact of the risks. The report illustrated the analysis of
the vulnerabilities and provided recommendations to fix those identified.

Cognizant also performed an assessment of the organization's network
communication services, operating systems, routers, email, web servers, firewalls
and applications to identify weaknesses that could be exploited by intruders to gain
access to the network.

Cognizant took responsibility for ensuring a secure and risk-free presence of the
client's network. The approach combined automated tools with manual
techniques. Cognizant assessed the servers and operating systems on which
the network devices and servers were hosted.

The main approach was a review and scan of the server environment covering
vulnerabilities, server configurations, server service pack levels, security audit log
files, server event logs, operating system vulnerabilities, password-related
vulnerabilities and similar issues.

Technologies used
• AppScan
• Custom-built Access Verifier tool
• ISS Internet Scanner
• Nessus
• Nmap
• Firewalk
• Hping2
• Ftpmap
• Winfingerprint
• NSlookup
• Whois
• SmtpScan
