Software Security Testing Services

Minded Security performs software security analysis in white box mode (Code Review) and black box mode (Zero Knowledge Testing).

The following are Minded Security's Software Security Testing Services:

Manual Secure Code Review: the Code Review activity consists in the process of auditing the source code of an application to verify that proper security controls are present, that they work as intended and that they have been invoked in all the right places. We have a strong experience that permits us to evaluate software using our manual methodology and utilizing commercial and open source tools.

Advanced Web Application Penetration Testing (WAPT): during an Advanced Web Application Penetration Test we test all the security controls implemented by the application to evaluate the security of the software with a black box approach. Then we give fixing support to our customers' developers team.

Mobile Application Security Assessment: during a Mobile Application Security Assessment we test all the security controls implemented by the application to evaluate the security of the software with a black box approach. Minded Security performs Assessment of Mobile Applications for the Apple iOS, Android, Blackberry and Windows Mobile platforms.

Client Side Security Assessment: with a Client Side Security Assessment, Minded Security wants to offer to its customer the possibility to take advantage of the DOMinatorPro technology without the need of buying a license. Our consultants will scan your website using DOMinatorPro Enterprise and manually investigate the results in order to identify false positives and true vulnerabilities.

Web Services Testing: in this case we have two actors: the Web services consumer and the Web services supplier. Web Services use XML messages via SOAP and every interaction can be modified. Web Services can result vulnerable to different type of attacks such as Data Validation attacks that test the XML parser vulnerabilities.