Conduct vulnerability test for our newly developed system

Closed - This job posting has been filled and work has been completed.

Job Description

We are looking for the partner who would conduct the vulnerability test for our newly developed system. We now develop enterprise SNS system and need to have 3rd persons to check if the system is secure enough to launch.

The detail is as follows

- Target device: PC, Mobile (IOS, Android)

What we need to check
- If common securities holes are dealt with properly
- If there is any risk of personal ID information leaking
- If our datas are securely managed
- If actions including authentications / authorisations are implemented securely
- If our mobile applications are developed with a sold security

Request menu
- Authentication
- HTTPS implementation, password security
- Authorization
- Session ID, access control, session fixation
- Command (inc. client)
- OS command injection
- SQL command injection
- Cross site scripting

Report
- No fixed format is fine, as far as we understand where the vulnerabilities are