Services

Application Penetration Testing
Infrastructure Penetration Testing
Social Engineering Tests
DDoS Attacks Resistance Tests
Red Teaming/Purple Teaming Tests
Security audits

Application Penetration Testing

Applications are now a frequent target of cyber-attacks, whether from proprietary or ready-made solutions. Penetration tests carried out by our specialists will reveal any vulnerabilities in your application before someone else less friendly does!

Penetration tests are wide reaching and cover web, mobile (for Android and iOS) and network applications so you know your systems are safe.

There are three types of application pen tests that define their scope and time consumption:

BlackBox

We run those tests just as any outside attacker would – probing through any public access point to find a way inside. These tests can show you crucial weaknesses on the surface of your defence.

GreyBox

Building on a complete Black Box test, we use multiple, varied accounts such as Administrator, Moderator or any other role. These tests can secure your system from the malicious internal activity and show additional systemic vulnerabilities.

WhiteBox

Our most advanced includes a full scope of Black and Gray Box tests. Here, our specialists have access to the application source code, so they can to test for deeply rooted vulnerabilities. By analysing technical documentation we eliminate design and logical errors in the application.

During web applications penetration tests we use OWASP TOP 10 (2017) methodology, additionally in White Box model we use OWASP ASVS 3.0/4.0 methodology to verify the correctness of implementation of specific application elements that impact security.

During pen tests of mobile applications, we use OWASP MSTG (1.1.2) methodology for mobile applications, additionally in White Box model we use OWASP MASVS (1.1.4) methodology to verify implementation correctness of specific security-related application elements.

In the case of network application penetration tests,we rely on good security practices related to a given model of network communication (client-server, server-server, peer-to-peer) and a set of technologies used: operating system, programming languages used to create applications. In the case of tests in the White Box model, we perform code analysis in the following programming languages: PHP, JavaScript, C#, Java, Python, C/C++, Objective C.

Application penetration tests benefits:

Tests reveal application vulnerabilities that might put your protected data at risk

Vulnerability assessment of on-line application component

Reducing potential costs of unavailability of service in case of a successful attack

Testing increases the level of security of your organization, customers and business partners

Want to get more information?

Our specialists are eager to help you out!

CONTACT US