Mobile and Web Applications Penetration Testing

Mobile and web application penetration testing detects vulnerabilities and flaws, together with potential attack vectors.

What we do:

  • Analyze the runtime environment:
    • Analyze configurations,
    • Analyze dependencies in your applications, versions and vulnerabilities of third party components,
    • Search for syntax errors that violates application behavior
  • Manually analyze your applications:
    • Analyze Role-Based Access Control (RBAC) policy,
    • Find possible misuse of application functionality,
    • Analyze vulnerabilities caused by insecure runtime environment settings,
  • Automate code visualization:
    • Generate a call graph,
    • Create tests to cover all application calls,
    • Make a map of insecure calls by static and dynamic analysis
  • Search for the following vulnerability types:
  • Lack of user data filtering,
  • Lack of authorization for resource access
  • Lack of authentication
  • Insecure operations in OS and file system
  • Insecure operations in third party services (LDAP, DBMS)

Results

You could improve mobile and web applications security to prevent possible financial damage.


Order

Reasonable and appropriate measures are taken to ensure that your personal data is protected from unauthorized access or modification, unlawful destruction, and improper use. No information provided by you will be made available to third parties. Personal data will be held only for as long as is necessary for the purpose for which it is provided and, in any event, will only be kept for 24 months after any application you have made has been completed. By submitting your personal information, you consent to the use of your information as set out in this statement.