Application Penetration Testing

Applications are the most common form of security reviews conducted by Our expertise covers applications developed deployed using a variety of technologies. From web applications, web services to thin clients, browser add-ons, and enterprise services, provides organisations with a real-world view of any security issues which may exist. Our testing approach consists of manual testing using a dedicated security resource that is trained to think ‘out of the box’ and identify all security issues.

Few organisations can match the experience and expertise of in application testing. While automated tools have their place, nothing is a substitute for manual testing performed by an expert in their field.

Testing is performed in a black-box, or white-box perspective. Black box testing involves providing only very essential information pertaining to the application, such as the URL or address. This testing is performed to simulate a malicious external user attacking the application.

Alternatively, white-box testing is performed with complete user credentials and detailed information regarding the application design. This testing approach is typically more in-depth, as more information is available to the security consultant.