Secure App

We make your app secure

How trustworthy is your app? We test your mobile application for security vulnerabilities. To make your app’s security visible to your customers, our security experts asses your application for several aspects manually or tool-based and üprovide you with a comprehensive Report including a catalogue of recommended measures, a personal certificate and the usd Seal of Approval.

How we proceed

Nicht bearbeiten!

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Kick-off

Die Vorbereitung der Überprüfung erfolgt im Rahmen eines Kick-off Meetings remote per Telefon- oder Webkonferenz oder auf Wunsch bei Ihnen vor Ort mit den technischen und organisatorischen Verantwortlichen Ihres Unternehmens. Hierbei wird die zu prüfende Applikation spezifiziert, notwendige Zugriffswege abgestimmt, Ansprechpartner und Eskalationswege definiert, sowie der Ablauf der Überprüfung im Detail gemeinsam besprochen.

Manual research

The application and source code provided in advance are examined for potential weaknesses using static and dynamic analysis methods.

Exploitation

During this phase, our experts attempt to exploit the identified vulnerabilities in order to develop real attack scenarios or access sensitive data. A potential vulnerability can turn out to be false-positive – i.e. upon reexamination, no vulnerability can be detected. Only verified vulnerabilities are included in the final report and classified according to their criticality.

Report
You will receive a comprehensive report comprising an executive summary and a technical report. Criticality of findings and entry risks are evaluated and the corresponding recommendation for action is given.
Remediation

In this phase, the identified deviations or weaknesses are eliminated by your company. If required, you will be supported by our experienced consultants.

Optional re-testing

You have the option of having us carry out a re-examination after the remediation. We check the effectiveness of your measures and adjust the report accordingly.

Your personal certificate

When evaluating your pentest results, we follow the security requirements of the Open Web Application Security Project (OWASP). If your pentest results meet the requirements, we will gladly confirm this in a personal certificate. This way, you can also demonstrate your security standards to third parties.

Contact

 

Please contact us with any questions or queries.

 

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Daniel Heyne
usd Team Lead Sales,
Security Consultant Pentest, OSCP, OSCE