loQsoft Posted November 4, 2021 Share Posted November 4, 2021 The application we developed for a customer was subjected to a 10-day pent test by a professional pent test firm. In the test activity where all variations are tried; As a result of the report that came as a result of the test, 3 findings were found, All 3 findings; It has been determined that it is related to the code we have developed. (Coding error) In the application developed using uniGUI components, no findings originating from uniGUI were reported. In this context; We had the chance to see once again how strong and consistent the ungiGUI infrastructure is. Thank you uniGUI 6 1 1 Quote Link to comment Share on other sites More sharing options...
irigsoft Posted November 4, 2021 Share Posted November 4, 2021 1 hour ago, loQsoft said: The application we developed for a customer was subjected to a 10-day pent test by a professional pent test firm. In the test activity where all variations are tried; As a result of the report that came as a result of the test, 3 findings were found, All 3 findings; It has been determined that it is related to the code we have developed. (Coding error) In the application developed using uniGUI components, no findings originating from uniGUI were reported. In this context; We had the chance to see once again how strong and consistent the ungiGUI infrastructure is. Thank you uniGUI Hello. I try to keep security information in unigui on this page: Can you write more information or statistics from the tests. I will add this topics there. Quote Link to comment Share on other sites More sharing options...
loQsoft Posted November 4, 2021 Author Share Posted November 4, 2021 1 hour ago, irigsoft said: Merhaba. Bu sayfada güvenlik bilgilerini unigui'de tutmaya çalışıyorum: Testlerden daha fazla bilgi veya istatistik yazabilir misiniz? Bu konuları oraya ekleyeceğim. Hello @irigsoft The company that provides professional pent testing service, Just share the report with me. In the report, Findings and recommendations are available. Results, - Using ReCapta (high priority) - LDAP authorization (high priority) and also - Detailed display of the errors caused by the application in the browser. For example: MS SQL connection error This error is because the attacker understands which DB they are using and causes them to concentrate on SQL Injection attacks. - Test duration: 10 days (including weekends) - Total Findings: 3 - High Priority finding : 2 - Low priority finding :1 That's all the knowledge we have Best Regards, Quote Link to comment Share on other sites More sharing options...
irigsoft Posted November 4, 2021 Share Posted November 4, 2021 Thank You. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.