Download the pdf here Appcheck and GDPR
There is no doubt that the GDPR is serious business. AppCheck has noticed a significant shift in focus by company executives, taking a much more active interest in security matters since the GDPR, and specifically the fines were introduced. Naturally, with that comes a never-ending list of vendors claiming to solve the GDPR problem. In truth, no one product or service can achieve compliance, rather the GDPR requires a strategy that includes a thorough understanding of your responsibilities, exposure and requirements to demonstrate compliance with the six principals of the GDPR.
AppCheck has a significant part to play in your compliance strategy, this blog post and linked PDF highlights some existing and new features introduced to support compliance with the GDPR.
One of the initial challenges facing organisations when preparing for GDPR is identifying and documenting all the places Personally Identifiable information (PII) is captured and stored.
AppCheck has added a new module that identifies any form that requests PII data from the user. Whilst in many cases forms of this nature are well known to the organisation, there may be some that are overlooked. For example, signup forms to receive a newsletter may not be at the forefront of your GDPR strategy, yet they could still be accumulating PII data which gets overlooked.
The real strength of AppCheck lies within its ability to detect critical impact vulnerabilities that could lead to a data breach. Whilst it is important that all security vulnerabilities within your web applications be addressed, some pose a more immediate threat than others. The GDPR Scan profile focuses on vulnerabilities that when exploited provide unauthorised access to databases and hosted systems. The list below highlights some of the checks performed by AppCheck, note that these are some examples from thousands of checks performed during an AppCheck scan.
Provide a detailed remediation plan to resolve vulnerabilities and compliancy failings. Rescan and track remediation efforts throughout the process.
AppCheck reports include a detailed narriative to explain each finding along with proof of concept examples provided through safe exploitation.
For further information download the pdf here Appcheck and GDPR