default
+

Thank you for contacting us.


One of our expert consultants will review your inquiry.

+

Thank You


We hope you find this resource helpful.
If you have any questions, don't hesitate to contact us.

+

Thank you for contacting us.


One of our expert consultants will contact you within 48 hours.

+

Almost There!

Please fill out the form to complete your
whitepaper download

    +

    Almost There!

    Please fill out the form to complete your
    brochure download

      web and mobile application security testing

      Application Security
      Testing

      Application security testing evaluates the security of web and mobile applications to protect them from cyber-attacks. From source-code all the way up to the browser – an application security assessment measures the effectiveness of the controls you currently have in place by simulating a hack.

      Script kiddies rely on automation;
      we don’t.

      Most application security testers rely on automated testing alone. This is only the beginning of our process, which is followed by extensive manual processes to provide one of the most thorough services the industry offers. The problem with automation alone is that it is prone to false positives (e.g., incorrect findings) and false negatives (e.g., missing critical areas of the application, lack of context, chained exploits, and more). By never relying on automation, our experts explore opportunities for more advanced attackers, mimicking a real-world scenario.

      Packetlabs’ unique approach to application security testing begins with developing a threat model and taking the time to understand the overall purpose, the components, and their interaction with sensitive information or functionality. This approach enables realistic simulation of how an attacker would target your application and in turn, provides you with more value. Only after thorough analysis do we begin attempting to manually compromise each layer of defence within the environment.

      Background

      The basis of our application security testing is guided by an enhanced version of the OWASP testing methodology. The following issue types will be examined:

      configuration management

      Configuration Management

      authentication and authorization

      Authentication & Authorization

      error handling

      Error handling

      identity management

      Identity Management

      input validation

      Input validation

      session management

      Session management

      cryptography

      Cryptography

      business logic

      Business logic

      client side

      Client side

      What We Deliver

      A detailed application security report including an executive summary that outlines the overall state of the application and our technical findings coupled with recommendations

      Documentation of attacks involving multiple exploits compiled to outline how an attacker could chain vulnerabilities together to compromise your application

      A root-cause analysis to provide both tactical and strategic recommendations

      Background

      Related Resources

      April 28, 2016

      WEB APPLICATION SECURITY TESTING METHODOLOGY

      Our application security testing methodology is derived from the OWASP Top 10:2013 and has been enhanced with current threats and our overall experience in the industry.

      DOWNLOAD WHITEPAPER
      download_pdf

      101000110010101001001110010110010100010100101111001010100000001

      Background

      Ready for more than a VA scan?®

      We’ll provide you with a free, no-obligation quote for an in-depth test and analysis of
      your application’s security.