Web Application Testing
Our testing attempts to identify insecure web server software, application functionality and configuration settings that are susceptible to both common and custom attacks that could result in data compromise, elevated privilege or administrative application control, or reputation damage. We perform testing of the application from the perspectives of both an unauthenticated and authenticated Internet hacker and cover the OWASP Top Ten. We validate and eliminate false positives for vulnerabilities identified through automated testing.
Mobile Application Testing
Our mobile application testing methodology is distinctive, using open-source tools with published and custom methods to test app security controls and demonstrate potential risks to sensitive data on mobile devices. We assess the following areas:
- Authentication & Access Control
- Encryption Key Management and Cryptographic Methods
- Information Disclosure Flaws
- Dynamic Runtime Analysis
- Reverse Engineering
- Other Client-Side Attacks
- Network Traffic Analysis
- Misuse Detection and Response
Let us know if you would like us to provide application testing services for you by completing the contact form.