Project: Web App Security Audit (CIS Payroll Platform)

- or -

Post a project like this

Ends in (days)

Fixed Price

£100(approx. $134)

Posted: 1 week ago
Proposals: 25
Remote
#4464504
Open for Proposals

+ have already sent a proposal.

Description

Experience Level: Entry

We need an independent application-layer security audit of a UK CIS payroll & HMRC submission web app.

www.paycis.co.uk

This is not a basic port scan — we already have infrastructure scanning.

Scope (high level):
• Authentication & session handling
• Role-based access control (user / admin / super-admin)
• Privilege escalation & IDOR
• CSRF, XSS, injection risks
• Admin / super-admin isolation & audit logging
• Light review of existing vulnerability scan & TLS config

Deliverables:
• Short written security report
• Ranked findings with remediation advice
• Clear statement on any critical/high-risk issues

Notes:
• UK-based SaaS
• HMRC/CIS context
• No ISO or enterprise compliance work

Please respond with:
• Relevant experience
• Example reports (if available)
• Fixed price & timeframe

Robert B.

Projects Completed

Freelancers worked with

Projects awarded

30%

Last project

31 Dec 2025

United Kingdom

Robert's other projects

Starling Business API Integration (Bulk Payments)
$242

New Proposal

Clarification Board Ask a Question

15 Jan 2026

Before I begin, I’d like to clarify a few points so the audit focuses exactly where the risk matters most.

Is there a staging or test environment available for the audit, or should all testing be carefully performed on production?

Are there any recent changes to authentication, role permissions, or HMRC submission flows that you’re particularly concerned about?

Who is the primary audience for the final report, your developers, non-technical stakeholders, or both?

Once I have these answers, I can tailor the audit and reporting style precisely to your needs and move forward with no time wasted.