Cenzic provides software and SaaS products for Website security

Website Test Details

Learn more about the tests in each service

The Cenzic ClickToSecure Cloud service offerings shown below include an increasing, cumulative set of website tests: the 9 tests in Bronze are also included in Silver and Gold, and all 16 tests in Silver are also included in Gold.

The HealthCheck service includes only 3 tests: Cross-Site Scripting, Non-SSL Password, and Password Auto-Complete.

Bronze (9)

Authentication (2)
  • Non-SSL Password
  • Password Auto-Complete
Cross-Site Scripting (1)
Information Leaks (4)
  • Credit Card Disclosure
  • Form Caching
  • HTML & JavaScript Comments
  • Non-SSL Form
SQL Injection (1)
  • SQL Error Message
Web Server Configuration (1)
  • Web Server Vulnerabilities

Silver (16)

Authentication (2)
  • Non-SSL Password
  • Password Auto-Complete
Cross-Site Request Forgery (1)
Cross-Site Scripting (1)
Directory Access (1)
  • Directory Browsing
Information Leaks (5)
  • Application Exception
  • Credit Card Disclosure
  • Form Caching
  • HTML & JavaScript Comments
  • Non-SSL Form
Insecure Direct Object Reference (2)
  • URL in Query
  • Remote File Inclusion
Insecure Resource Location (1)
  • File and Directory Discovery
SQL Injection (1)
  • SQL Error Message
Web Server Configuration (2)
  • Web Server Vulnerabilities
  • Check HTTP Methods

Gold (24)

Authentication (3)
  • Non-Masked Password
  • Non-SSL Password
  • Password Auto-Complete
Cross-Site Request Forgery (1)
Cross-Site Scripting (1)
Directory Access (1)
  • Directory Browsing
Information Leaks (9)
  • Application Exception
  • Basic Auth over HTTP
  • Browse HTTP from HTTPS
  • Credit Card Disclosure
  • Form Caching
  • Form Submitted Without Using POST
  • HTML & JavaScript Comments
  • Non-SSL Form
  • Username or Password in HTTP Request
Input Validation (1)
  • HTTP Response Splitting
Insecure Direct Object Reference (2)
  • URL in Query
  • Remote File Inclusion
Insecure Resource Location (1)
  • File and Directory Discovery
Session Management (1)
  • J2EE Session ID Length
SQL Injection (1)
  • SQL Error Message
Unvalidated Redirects and Forwards (1)
Web Server Configuration (2)
  • Web Server Vulnerabilities
  • Check HTTP Methods