Need to have a penetration test conducted on a single server. The site should not be modified in any way, but instead you should provide a description of how the site was penetrated so that we can fix it. Also include a list of all the attack methods you tried and if they succeeded or failed. This needs to be done periodically, so there will be more work in the future for a successful security consultant.
1) All deliverables will be considered "work made for hire" under U.S. Copyright law. Employer will receive exclusive and complete copyrights to all work purchased. (No 3rd party components unless all copyright ramifications are explained AND AGREED TO by the employer on the site per the worker's Worker Legal Agreement).
Linux server running a jsp/java web app.