Our Application Security Testing services are driven by experts with a background in performing vulnerability research and exploit development. This unique skillset enables our team to identify vulnerabilities that cannot be identified using traditional methods of testing. Our Application Security Testing services are provided at three adjustable levels to help meet the unique cost and capability requirements of each customer. These services can be applied to Websites and Web Applications, Thick Clients, Mobile Applications, or to your existing Software Development Life Cycle. Special services are also available.
Web Applications & APIs
Ideal for testing Web Applications, Websites, or APIs. This service is highly configurable and can be delivered at either the Silver, Gold or Platinum levels. At the Silver level our team focuses on common vulnerabilities, misconfigurations, and coverage for the OWASP Top 10. At the Gold and the Platinum service level we provide a much deeper dive using Real Time Dynamic Testing™ combined with complete OWASP coverage as applicable. The final product is a detailed, hand-crafted report containing a global risk score, executive summary, full technical details including but not limited to screenshots, source code for exploits that we’ve written and simple methods for remediation.
Thick & Thin Client Security Testing
We apply over 20 years of experience in performing 0-day vulnerability research and exploit development when thick and/or think clients for our customers. Our vulnerability research methodology is highly flexible and can be applied to any technology. Our standard thick and thin client testing processes include static analysis, dynamic analysis and source code auditing (if desired). We provide a detailed report that is customized to meet our customer’s specific requirements and/or we report defects to your defect tracking system with high detail.
Mobile Application Security Testing
Mobile applications are increasing in popularity, complexity and sensitivity. While some are merely an interface to complex APIs, others store sensitive information on mobile devices. Insecure mobile applications and/or endpoints can put an organization and its information at increased risk. Our mobile application security testing services identify these points of insecurity and provide methods for resolution. We provide a detailed report that is customized to meet our customer’s specific requirements and/or we report defects to your defect tracking system with high detail.