Basic Security Audit for Zen Cart
Zen Cart Basic Security Audit
Security for any e-commerce site is a must for the safety of your customers' billing information and the financial safety of your organization. There are many points of failure, or vulnerabilities, in an e-commerce environment. Even in a simplified e-commerce scenario, such as Zen Cart, many potential security vulnerabilities exist. Whenever a user contacts a website and gives his credit card and address information, there are a number of systems and networks involved. Each system and network has security issues due to the following features of online purchases:
- A user must use a website and at some point identify or authenticate himself to the site. Typically, authentication begins on the user’s home computer and its browser. Unfortunately, security problems in home computers offer hackers other ways to steal e-commerce data and identification data from users.
- The user’s web browser connects to the merchant front-end. When a consumer makes an online purchase, the merchant's web-server usually caches the order's personal information in an archive of recent orders. This archive contains everything necessary for credit card fraud. Further, such archives often hold 90 days' worth of customers' orders. Naturally, hackers break into insecure web servers to harvest these archives of credit card numbers.
- The merchant has a back-end and database. A site’s servers can weaken the company's internal network. This is not easily remedied, as the web servers need administrative connections to the internal network, but web server software tends to have buggy security. Here, the cost of failure is very high, with potential theft of customers’ identities or corporate data. Additionally, the back-end may connect with third-party fulfillment centers and other processing agents. Arguably, the risk of stolen product is the merchant's least-important security concern, because most merchants' traditional operations already have careful controls to track payments and deliveries. However, these third parties can release valuable data through their own vulnerabilities.
This is a simplified model of an e-commerce architecture. Yet even in its simplicity, there are a number of security problems. Encrypted e-commerce connections do little to help solve any of these issues except for network security problems. While other problems might be ameliorated by encryption, there are still vulnerabilities in the software clients and servers that must use the data. For this reason, a Basic Security Audit will review the following areas:
- Root Kit Detection
- Zen Cart PHP and SSL Certifications for hacks and security breaches
- Discover SQL Errors
- Ethical Hack for Security Vulnerabilities
- Zend Engine Review (the platform on which Zen Cart runs)
- Version Check Security Packaging
A Basic Security Audit normally takes approximately 4-5 hours. When a Numinix professional has completed the Basic Security Audit, a professionally prepared report will be forwarded to you outlining the problems and estimating how long it will take to correct each area, along with how much it will cost, so that you can begin to build your budget accordingly.
Purchase this audit as a part of the Development Roadmap and receive a significant discount on this and other essential audits.
Service Policy
Our stated prices for all modules we install are based on installation into the default platform configuration. We always ensure your logo and basic color palette are in place when we install a plugin. However, any additional "custom" styling, design work, or derivative tasks generated due to a site's non-default configuration could require additional prepaid programming hours.
This plugin is open source and requires ionCube Loader v4.4 or later to be compiled with PHP in order to install and upgrade the plugin. All orders are automatically subscribed to the billing frequency selected at the time of purchase. Recurring billing can be cancelled at any time. Once your license has expired, a new license will be required in order to continue using the plugin.
3.2.1 Version History
Version notes
Compatibility changes for PHP 7.4
Added
- catalog/YOUR_ADMIN/includes/installers/feac/3_6_0.php
Modified
- catalog/YOUR_ADMIN/includes/auto_loaders/config.numinix_plugins.php
- docs/Fast and Easy AJAX Checkout/readme.html