We’re Cyber Essentials certified. CE is a scheme backed and supported by the UK Gov and the industry to promote best practices and protection against online threats.

Note: IntelliSense.io also runs data/integration/etc.. security tests - this article covers the feature security checks.
We follow the standard security checks that suit our system to run a set of test scenarios and verify how secure our system is, below are the security checks we run constantly:

  1. Verify the web page which contains important data Ex. the login page that has password entry should be submitted via HTTPS (SSL).

  2. Verify that important information like passwords, etc should display in an encrypted format.

  3. Verify the system behavioral with the valid/Invalid password and only valid credentials working.

  4. Verify password rules are implemented on all authentication pages like registration, forgot password, change password.

  5. Verify that the user should not able to copy/paste the password field.

  6. Verify if the password is changed the user should not be able to log in with the old password.

  7. Verify the password complexity.

  8. Verify the error messages should not display any important information.

  9. Verify the user account gets locked out if the user is entering the wrong password several times.

  10. Verify the user roles and their rights. 

  11. Verify changes in any URL parameters like Dashboard parameters, the system should respond correctly to the changes.

  12. Verify accessing some pages for different users' privileges. The User should not be allowed to access any data that he/she does not allow to access.

  13. Both "change password" and "logout" functions are provided.

  14. Change password requires the provision of old password use.

  15. Users should be informed of the last login time after login into the system.

Did this answer your question?