Hi, we have a small website consists of 6 pages build using react and nodeJS.
We want a security audit of the website and threat assessment based off a threat model called STRIDE.
We just want to understand what areas we have tested and what areas don't need improvement and what areas do need improvement and what those improvements are.
- You need to write up what you found into a document for us.
- And write not just the things that can be improved but also the things that are okay.
For our understanding we want to know what the possible areas of attack are and what we have done to prevent it.
We will probably use this in the ISO 27001 audit that we are doing soon.
To show documentation of our procedures.
Please start your bid with "Security Audit" so we can know you have read the requirements.