NEXT completes third-party external penetration tests to independently assess the security, vulnerability, integrity and availability of the NEXT web application, at least annually.
Penetration test results
The NEXT web application is concluded to be SECURE with no vulnerabilities of any risk level observed.
In their penetration testing, Prescient Security LLC cybersecurity consultants observed the following:
Critical/high risk level vulnerability: None
Medium risk level vulnerability: None
Low risk level vulnerability: None
Informational risk level vulnerability: None
Penetration test briefing note
Download the customer briefing note from our latest penetration test, performed in October 2022, by Prescient Security LLC cybersecurity consultants.
The testing follows a consistent and structured approach, and represents a point in time assessment of the nature and extent of potential or existing exposures that may lead to a compromise of the environment. Testing is based on best practice methodologies, such as the Open Web Application Security Project (OWASP) guides (which goes beyond the OWASP Top 10 and includes 109 tests) and CWE/SANS Top 25 Most Dangerous Software Errors, in combination with other in-house developed processes and methodologies.
NEXT has engaged Prescient Security LLC cybersecurity consultants to perform web application penetration testing on an ongoing basis.