Your browser has been detected as Internet Explorer 6 or lower. Please note that some website functionality may be incompatible. Therefore we strongly recommend upgrading your browser.

About Us

Testing Services

7Safe Services

Follow us on

  • Follow us on Twitter
CREST Approved Pen Testing services

RSS News & Events

Application Penetration Testing – Security Pen Testing Experts

Web Application Security

7Safe specialises in web application penetration testing security, finding weaknesses by undertaking application security penetration tests . The field has become complex and our people believe that applications present the greatest risks to organisations as a whole.

The techniques, tools and methodology used by 7Safe’s application penetration testing team are constantly updated to ensure that application security is assessed both for the conventional (SQL Injection, Cross Site Scripting and other OWASP “Top Ten”)  as well as the latest cutting edge security vulnerabilities. Web application testing tends to therefore do away with tools and instead focus on years of experience in web application security often using nothing more than a browser and strong intuition.

Web Application Penetration Testing Security Experience

Over the years 7safe has built up significant experience in a variety of application penetration testing scenarios including:

  • Online Banking
  • Gambling & Gaming
  • HR & Payroll systems
  • Customer Relationship Management
  • Content Management Systems
  • Social Networking Sites
  • Overall Web 2.0 applications & content
  • Binary Applications

Application Penetration Testing: Technologies

7Safe’s application pen testing team has assessed applications written in many different technologies. The applications are assessed and tested against conventional security issues such as;

  • Cross-Site Scripting,
  • SQL Injection,
  • Cross-Site Request Forgery,
  • File Include,
  • Direct Object Reference etc.

… as well as business logic bypass issues to assess any risk to unauthorised access to information (i.e. rather than testing from the front door, what can be seen laterally within an application with genuine but possibly stolen credentials?).

Application Penetration Testing: The Importance of Careful Scoping

Prior to penetration testing applications, 7Safe consultants spend time in understanding the application’s functionality in depth to identify different features offered by the application such as;

  • Functionality,
  • Roles,
  • User privileges,
  • Nature of information processed by the application etc.

Identifying all such aspects of the application during the web application testing process helps 7Safe’s application penetration testing testing team to;

  • assess associated risks linked to the application &
  • determine what level of access would be required to identify attack vectors which could result in such risks.

This information is then submitted to our client and the relevant levels of access obtained for carrying out the application security testing.

Clarity of Application Penetration Testing Reports

The results of application penetration testing are documented in the form of a full technical report. Each issue identified within the application penetration test is then explained with all technical details along with steps/guidelines on how this issue can be recreated by our client. Along with each issue identified during the web application security penetration testing process, 7Safe’s team provides recommendations on how an issue can be properly addressed.

The application pen test report also has an ‘executive summary’ section containing management-level information,  written in plain English. We also present an overview of the overall level of web application security and our major concerns (along with the steps which should be taken to further improve security).

7safe’s application penetration testing team prides itself in undertaking constant research to identify new/emerging threats within the areas of web application security and our team members are subsequently invited to speak at leading IT security conferences around the globe.

Binary Applications Citrix Breakout Assessment Code Review

VN:F [1.9.22_1171]
Rating: 4.0/5 (30 votes cast)
Application Penetration Testing - Security Pen Testing Experts, 4.0 out of 5 based on 30 ratings
ISO 27001 & 9001
7Safe London
123 Buckingham Palace Road
London, SW1W 9SR
United Kingdom

Tel: +44 (0)870 600 1667
Fax: +44 (0)122 328 1114
7Safe Cambridge
Cambridge Technology Centre
Melbourn, Herts SG8 6DP
United Kingdom

Tel: +44 (0)870 600 1667
Fax: +44 (0)122 328 1114