Mobile Application Penetration Testing
Threats already rampant on web applications can be equally effective on native
mobile applications, with Cross Site Scripting (XSS) still topping the list.
A Mobile Application Penetration Test is an authorised and simulated hacking attempt against a native mobile application such as Android, Windows, and iOS. The purpose of this test is to identify and exploit vulnerabilities in an application, and the way it interacts and transfers data with the backend systems.
Comprehensive Reporting
Shearwater offers in-depth executive level reporting which serves as a risk minimisation tool for management, and a technical document – listing vulnerabilities prioritised according to risk level – for the internal security team. The report also provides access to mitigation strategies based on Shearwater’s key insights into the cyber-threat landscape.
Post Engagement Follow Up
Our post engagement follow-up is an additional benefit that allows clients to engage us with questions, or seek guidance on issues referred to in our report.
Testing Standards
The Open Web Application Security Project (OWASP)
The National Institute of Standards and Technology (NIST)
Source Security Testing Methodology Manual (OSSTMM)
Penetration Testing and Execution Standard (PTES)
Penetration Testing Framework
Australian Government Security Policies and Guidelines
Customer Centricity
We listen to our clients to understand their goals. Our team also alerts security staff – in real time – to critical vulnerabilities and threats discovered.