Minded Security performs applications security analysis in white box mode (Code Review) and black box mode (Zero Knowledge Testing). Our competences include innovative technologies as Web Services, AJAX and Flash Security Testing. Minded Security executes also DB Auditing and Fraud Simulation.
Minded Security is the first Company worldwide that delivers Flash Security Testing services.
The following are the Minded Security Testing Services:
Code Review: the Code Review activity consists in a systematic analysis of the source code of the application with the goal to seek for security issues. We have strong experience that permits us to evaluate software using our manual methodology or utilizing commercial or open source tools.
Web Application Penetration Testing (WAPT): during a Web Application Penetration Testing we test all the security controls implemented by the application to evaluate the security of the software with a black box approach.
Web Services Testing: in this case we have two actors the Web services consumer and the Web services supplier. Web Services use XML messages via SOAP and every interaction can be modified. Web Services can result vulnerable to different type of attacks such as Data Validation attacks that test the XML parser vulnerabilities.
AJAX Testing: we test Web 2.0 applications that introduce a new layer client side introducing a new set of possible tests.
Flash Application Testing: thanks to our Research Lab, we can test flash applications using methodology and tools developed by Minded Security.
DB Auditing: we perform DB audit (DB Oracle, MySQL, SQL Server) with the goal to seek technical vulnerabilities that could permit not authorized access to the DB.
Fraud Simulation: we simulate frauds to verify if it is possible for users with particular privileges to abuse the application logic and commit a fraud. The test shows logic vulnerabilities that are implemented in a not correct way.