Implementing Security by simulating attacks

Penetration Testing – Applications



Applications are one of the most common entry points to company infrastructure for a hacker. Because they are most often exposed to the entire world, they become a common attack vector. One of the primary issues with applications are that they only require one bad line of code to result in a vulnerability that can cost you millions.

Attacks on your applications can result in:

  • Personal Data Leak
  • Credit Card Information Leak
  • Loss in revenue from service downtime
  • Access to internal infrastructure through pivoting

What is it?


Penetration testing applications to find vulnerabilities and exploit them, while giving concrete remediation tactics. Attacking specified applications that you wish to secure further.

Typical types of applications to test:

  • Web Applications
  • Mobile Applications
  • Software
  • Embedded

In areas like:

  • E-Commerce
  • Online Banking applications
  • Intranets
  • Other critical business applications

How is it done?


By using a combination of manual testing, together with automatic tools to attack the applications.

Our Approach:

  • Starting broad, ending narrow
  • Finding vulnerabilities
  • Exploiting vulnerabilities
  • Documenting the process and creating remediation strategies

Typical Attack methods:

  • Injection Attacks
  • Broken Authentication
  • Cross Site Scripting
  • Insecure Deserialization
  • Sensitive Data Exposure
  • Broken Access Control
  • Default Credentials

What do we deliver?


A structured report detailing the found vulnerabilities and the recommended remediation strategies.

Get in touch with our expert

Kasper Brandt, Nordic Cyber Security Lead