Web applications

Your application will be tested for technical vulnerabilities in the course of the penetration test. We check for classic vulnerabilities, like Cross-Site Scripting (XSS) and SQL-Injection. Furthermore, we verify that the authentication and authorization management works as intended. We orientate ourselves towards the OWASP top ten, as well as the Application Security Verification Standard (ASVS) and contribute with our many years of experience.

In the first step, you receive a detailed checklist with requirements we have for the assessment. With the start of the audit, we have a joint preliminary discussion, to clarify details and to become familiar with the application. We start the penetration test immediately afterwards. We utilize a checklist to ensure that no important subject is missed. We also implement a more creative part, where the auditor is testing freely. We document the results in a detailed report, which is addressed in a concluding discussion.

You receive a detailed report with the identified vulnerabilities from us. We extensively explain the criticality of the vulnerabilities and what impact they have on you effectively. We provide you with all the means to reproduce the found vulnerabilities yourself. Furthermore, we include specific instructions on how to sustainably remedy the vulnerabilities. You receive the report within one week in advance of our concluding discussion, allowing you to read it carefully and prepare any open questions. Naturally, we are available for any ensuing requests as well.