Application Penetration Testing

Applications are the most common form of security reviews conducted by Security-Assessment.com. Our expertise covers applications developed deployed using a variety of technologies. From web applications, web services to thin clients, browser add-ons, and enterprise services, Security-Assessment.com provides organisations with a real-world view of any security issues which may exist. Our testing approach consists of manual testing using a dedicated security resource that is trained to think ‘out of the box’ and identify all security issues.

Few organisations can match the experience and expertise of Security-Assessment.com in application testing. While automated tools have their place, nothing is a substitute for manual testing performed by an expert in their field.

Testing is performed in a black-box, or white-box perspective. Black box testing involves providing Security-Assessment.com only very essential information pertaining to the application, such as the URL or address. This testing is performed to simulate a malicious external user attacking the application.

Alternatively, white-box testing is performed with complete user credentials and detailed information regarding the application design. This testing approach is typically more in-depth, as more information is available to the security consultant.