Penetration Testing, Vulnerability Assessments,
Source Code Analysis and more.
Motivation
To ensure the security of your applications, they must be checked for vulnerabilities by experienced IT security experts. Vulnerabilities occurring during productive operation can not only lead to the loss of highly sensitive (customer) data, but also jeopardize the entire company security. In contrast to in-house quality assurance, an external and independent team of experts ensures that the most unbiased view possible is taken and that there are no blind spots.
Penetration Test
A penetration test is a professional and deep analysis of your application down to the last detail. The goal of the measure is to detect concrete vulnerabilities and identify sensitive hotspots. By fixing the found vulnerabilities and implementing further targeted security measures at critical hotspots, the application can achieve the desired level of security.
Vulnerability Assessment
The little brother of the penetration test. In terms of its intensity, the vulnerability assessment is usually significantly below that of a penetration test. Different applications naturally have different security requirements - an application for collecting sensitive health data has different security requirements than the contact form on your website. In order to put this distinction into practice, we offer measures of different intensities and degrees.
Source Code Analysis
Some vulnerability classes can be identified in a much more targeted manner by analyzing the underlying source code. Especially in combination with a penetration test or a vulnerability assessment, source code analysis is a highly efficient way to identify and fix even deeply hidden vulnerabilities. The combination of the experience of our IT security experts with that of our software developers forms the spearhead of our work here.
Blackbox or Whitebox?
In the case of the activities described above, such as penetration testing and vulnerability assessment, there are opportunities to significantly increase the efficiency of the measure by choosing the white box test approach. In contrast to the black box test, our experts have significantly more information at their disposal. This can mean, for example, that insight into the source code of the application is granted, or insight into log files is made possible during the tests. Access to one of your application experts, who can answer or forward specific questions at any time, also leads to significantly better results.