Application Security Audit Checklist Template

Run this checklist whenever you need to perform an application security audit.
1. Introduction:
2. Create model of application
3. Approval: Application model
4. Make sure the application’s authentication system is up to date
5. Restrict access to application directories and files
6. Implement session expiration timeout
7. Forbid multiple concurrent sessions
8. Provide least privilege to application users
9. Implement CAPTCHA and email verification system
10. Use encryption algorithms that meet data security requirements
11. Avoid vulnerable API or function calls
12. Run security audit on source code
13. Conduct web application vulnerability scan
14. Conduct penetration test
15. Sources:
16. Related checklists: