Security Testing Silverlight Apps
Silverlight Based Specialized Pen Testing
Similar to Flash, Microsoft Silverlight is a "thick client" application interface used to enhance users' experience. Underlying web services calls made by Silverlight are vulnerable and it is important to map those in terms of vulnerabilities and create fixes.
Silverlight is a browser entity plug-in developed by Microsoft to enable web users with a rich client side experience. At its core Silverlight has to assume that all webpages/in-browser apps are potentially malicious, and hence runs applications in a sandbox (plug-in) which allows applications to run within a defined security context safely. Modern web application heavily rely on Silverlight, and many times expose quite a few vulnerabilities.
There are 3 distinct areas within a Silverlight application which are analyzed and tested against security, in the penetration testing.
1. Deep linking
2. Isolated Storage
Same as any data storage tests however the special note is that it is client-side storage. Questions such as:
3. Back-end services
What Our Customers Say?
Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.