Let us show you how we can hack your website.

In a hacker’s perspective, targets are mostly selected based on discovered vulnerabilties rather than the value of data behind the web-site. According to a Gartner Report, 75% of attacks today occur at the application level.

Despite the common use of defenses such as web application firewalls and intrusion pre-vention and detection systems, hackers still pose a serious liability without being stopped or detected.

Even at this moment, someone could be probing, poking, and prodding relentlessly at your external facing website to find weak-nesses to exploit your website.

Web security breaches can happen anytime, your website could be the next target!

LE Global Services Sdn. Bhd. (700472-M) B-3A-6-5, Setiawalk Persiaran Wawasan, Pusat Bandar Puchong 47100 Selangor Malaysia Tel: +603 - 5885 8089 Fax: +603 - 2298 7333 Web: www.le-global.com E-mail: info@le-global.com

At LGMS, we can offer you a comprehen-sive security risk assessment solution - Web Application Penetration Testing. You can be assured that we will identify, analyze, and re-port any potential security flaws found in your web application.

Aside from that, we will also provide you with the best methods to remediate the reported vulnerabilities in line with the requirements of your business environment.

Are You Being Targeted?

Our Solution

“Security is a business issue, not a technical issue” - T. Glaessner, T. Kellerman, V. McNevin

Web Application Penetration Testing

How Can You Benefit?

LGMS Can Help You Identify and Resolve Security Risks In Your Web Application

With web application penetration testing, you can evaluate your current security pos-ture in depth and make strategic decisions for better managing threat exposure within your company.

At LGMS, we commit to a highly-disciplined and methodical pentesting practice with a combination of wide range of commercial and open-source tools as well as manual pentest. We work closely with our clients in a proactive manner to ensure that their web applications are thoroughly tested in order to minimize the risk of a security breach.

As of now, our Web Application Penetration Testing has become an integral part of the Software Development Life Cycle (SDLC) for many of our regional clients; providing a guidance for our clients in building more secure and robust web applications.

Are you ready to let us assist you?

LE Global Services Sdn. Bhd. (700472-M) B-3A-6-5, Setiawalk Persiaran Wawasan, Pusat Bandar Puchong 47100 Selangor Malaysia Tel: +603 - 5885 8089 Fax: +603 - 2298 7333 Web: www.le-global.com E-mail: info@le-global.com

MethodologyOur web application penetration testing methodology not only adheres to worldwide industry standards such as Open Source Web Application Security Project (OWASP), we also conduct customized tests based on your business logic.

For reference, the vulnerabilities identified will be manually verified to weed out false positives and then classified based on Com-mon Vulnerability Scoring System (CVSS) and National Vulnerability Database (NVD). A comprehensive pentesting report will then be produced with instructions for remediation for each vulnerability found.

A1  -­‐  Injec*on  

A2  –  Broken  Authen*ca*on  and  

Session  Management  

A3  –  Cross-­‐site  Scrip*ng  (XSS)  

A4  –  Insecure  Direct  Object  References  

A5  –  Security  Misconfigura*on  

A6  –  Sensi*ve  Data  Exposure  

A7  –  Missing  Func*on  Level  Access  Control  

A8  –  Cross-­‐site  Request  Forgery  

(CSRF)  

A9  –  Using  Components  with  

Known  Vulnerabili*es  

A10  –  Unvalidated  Redirects  and  Forwards  

OWASP Top 10 Web Application Security Risks

“There are only two types of companies: Those that have been hacked and those that will be.” -Robert Mueller, FBI Director 2012

About LGMSLGMS / LE Global Services Sdn Bhd is an Information Security Consulting Firm, specializes in various Information Security consulting services such as Network Penetration Testing, Enterprise Security Assessment, Computer Crime Investigation, PCI DSS consultation, ISO/IEC 27001 implementation and certification.

Established in 2005, LGMS has earned a reputation for integrity, value and best practices by providing world-class professional services to clients from various industries, locally, regionally and internationally.

We are proud to remain neutral as an agnostic, professional security services provider. We do not sell any other conflicting auxiliary services or software (e.g., IT staff recruitment, 3rd-party products or solutions, etc.) that contradict our core beliefs, as we persistently strive to avoid any indiscriminate services that could potentially compromise our client’s interests.

Since our inception, LGMS has maintained a focus on delivering services that assess our cus-tomers’ security requirements, reduce risk and provide operational efficiency. LGMS is the only information security services company that integrates the best practices of ISO quality manage-ment systems into our entire portfolio of services, resulting in measurable performance increases for our customers.

COMMITMENT TO QUALITY

LGMS is committed to achieving the highest standards of service quality as our certification by the following programs attests:

DQS ISO/IEC 27001:2005Certification No: 463351 ISMS

PCI Security Standards CouncilCertification No: 54040-01-01

DQS ISO/IEC 27001:2005Certification No: 463351 ISMS

PCI Security Standards CouncilCertification No: 54040-01-01

DQS ISO/IEC 27001:2005Certification No: 463351 ISMS

PCI Security Standards CouncilCertification No: 54040-01-01

PCI Security Standards CouncilCertification No: 204-277; 204-278

PCI Security Standards CouncilCertification No: 5040-01-05

Awards & Recognitions

I am deeply impressed with LGMS’s commitment to service excellence. They are not your ordi-nary Penetration Testers; with their in-depth knowledge and trustworthi-ness in I.T. Security field, they can very much be your strategic security advisor.

-The CEO International Commercial Bank

Real Client Testimonials

More Testimonials and References Available Upon Request

LGMS have demon-strated high level of profes-sionalism during the security service engagement; the pro-ject has been a major factor in strengthening the security posture of our organization.

-Tommy TanVice President,

Head of Information TechnologyCAGAMAS BERHAD

LE Global security consultants are helpful and experienced, they will never hesitate to go the extra miles in giving us guidance and advisories.

-Lee Thiam SengHead, IT Security

CIMB Group

LE Global has demonstrated its highest levels of integrity, profession-alism, a wealth of technical experience and quality of delivery that ensures the project to be delivered within scope, time-frame and cost. LE Global also showed that they are able to understand the complex world of telecom-munications while delivering results.

- Suresh RamasamyISMS Project Manager,

Technology DivisionDiGi Telecommunications

Contact LGMSLE Global USA / LGMS24, Cathedral Place #402 St. Augustine, FL 32084United States of America

Tel: +1 (615) 410 - 0511E-mail: boyd.jones@le-global.com

LE Global Services Sdn Bhd28th floor, The Gardens South TowerMid Valley City, Lingkaran Syed Putra59200 Kuala LumpurMalaysia

Tel: +6 (03) - 2298 7397Fax: +6 (03) - 2298 7333E-mail: info@le-global.com

LE Global Services Sdn BhdB-3A-6-5, SetiawalkPersiaran Wawasan,Pusat Bandar Puchong47100 SelangorMalaysiaTel: +603 - 5885 8089Fax: +603 - 2298 7333

LE Global Services Pte. Ltd.1, Coleman Street, #09-03, The Adelphi, Singapore 179803

E-mail: info@le-global.com

Trusted by various international banks, insurance agencies, local and foreign government ministries, law enforcement agencies andFortune 500 companies, you can depend on LGMS to be your long

term IT security service partner.

Please visit us today at:

www.le-global.com