At the request of eShare, Portcullis Computer Security Limited performed a security assessment of the eShare 2010 application and surrounding infrastructure.
Testing was conducted between the 15th and 18th of November 2010 by a dedicated assessment team, comprised of specialists in information security.
Portcullis applied the same test principles that would be applied against critical systems such as those used by banks and government agencies.
Portcullis found the external infrastructure (including the firewall) and the web server itself to be very well configured and was not able to access eShare in an unauthorised manner.
By the end of a rigorous penetration test process, no major issues were found that would lead to direct compromise of the solution. Overall, Portcullis found eShare to be a robust application that is suitable for exposure over the Internet.
Read the full report...