Do You Know Your Weaknesses?

An Extensive Security Analysis of your Software Creates Trust.

Improve Your IT Security with Us

A security audit (also known as a white box test) is the preferred and recommended action by our experts to detect security vulnerabilities. In this process, our testers have knowledge of the software (source code, development environment, diagrams and documentation) and access to a test system. In contrast to the black box test - in which the audit is preceded by time-consuming information gathering - the provision of the technical details in the security audit makes it possible to quickly and efficiently check your IT systems for possible vulnerabilities. Security should not be based on the fact that the attacker does not know the source code - on the contrary, it must be so secure that your system is invulnerable despite its source code knowledge.

Rely on Individual Tests

The quality of the source code is crucial to the security of your programs. A source code audit identifies weaknesses in the functionality and structure of your application. Hacker attacks can thus be prevented. Using state-of-the-art programming techniques and processes, we demonstrate solution-oriented measures to address the vulnerabilities in order to optimize the quality and security of your programs. The findings that our specialists discover in the source code, will be checked on the test system. So they can make sure that they have really found a security gap.

In our service portfolio, you will only find manual tests - because no automated solution replaces the experience of a trained analyst. Not only do we show "standard errors", we also test your system for its individual vulnerabilities.

Project Schedule

  • ✓ Planning and preparation: Here we need the source code and all documentation (diagrams, plans, API documentation, etc.) as well as a test system where we can verify the findings.
  • ✓ Project implementation: First, we will use the documentation to analyze the structure of the system and possible vulnerabilities. Afterwards we search for gaps on the basis of defined criteria (OWASP Top 10 2017, OWASP Mobile etc.). If we find anything, we verify the findings on the test system.
  • ✓ Documentation: You will receive a detailed test report summarizing the results. We value the fact that both the management and the technician can get an idea of the findings. The test report also contains a detailed description of the activities and results carried out as well as a result table including risk assessment and, if necessary, further test recommendations.
  • ✓ Retesting (optional). Our experts will check if you have fixed all security gaps.