Security Testing

The key element in building a positive user experience is a sense of security and trust between the provider and the client.

Why?

No matter what kind of product/service you offer, the most important thing is that it’s safe for your business and your users. The multitude of digital contact points offers a company enormous sales opportunities, but also increases the opportunities for potential internet crime. Hackers’ attacks have always been a huge threat. We are here to help you minimalize this threat and secure your image and clients’ trust.

What and how do we do it?

Web (www) Security Audit:

We carry out comprehensive audits and tests that verify the presence of the following:

  • Injection
  • Broken Authentication and Session Management
  • Cross-Site Scripting (XSS)
  • Broken Access Control
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Insufficient Attack Protection
  • Cross-Site Request Forgery
  • Using Components with Known Vulnerabilities
  • Underprotected APIs

Application (iOS/Android/Windows) Security Audits

During security testing, both server and application components are examined. Also, penetration tests will be conducted in the following areas:

  • Improper Platform Usage
  • Insecure Data Storage
  • Insecure Communication
  • Insecure Authentication and Authorization
  • Insufficient Cryptography
  • Client Code Quality and Code Tampering
  • Reverse Engineering
  • Extraneous Functionality

Infrastructure and network device security audits

Application security is one thing, the security of the devices being used by the applications is another. However, both are equally important. Security testing includes the scanning of any network device – eg. server, router, firewall, wireless access point – from the Internet or Intranet. In summary, after the test is completed, the client receives a detailed report of device vulnerability and recommendations for repairing those errors and eliminating threats.