Security audit of an application for customer advisors by means of a web application penetration test, code review and configuration review