Throughout ProCheckUp’s 18 years of experience in auditing web applications, both the web application functionality and complexity has increased as well as the range of platforms supported. To meet these demands ProCheckUp offers a wide range of web application auditing services from standard web browser applications, mobile applications, thick client applications as well as web services API. All application auditing is conducted manually by our highly-qualified penetration testing experts, with the aid of tools. We believe that tools should never be solely relied upon to find issues – with many issues would have been missed if we relied on tools alone.
Regardless of the application being tested, at ProCheckUp we have always believed that one of the most important, and often overlooked phases, is to fully analyse and understand the application before jumping in and looking for the OWASP top 10. Each application is unique, and should be treated as such. During this initial phase, our experts will start to formulate an attack plan by identifying the areas which require the most focus, whilst still ensuring maximum coverage and identifying the areas that would most likely be targeted by an attacker. ProCheckUp will identify the most serious threats to the company in the context of each application. In addition, ProCheckUp will engage with the client during scoping to determine if the client has any key areas of concern.
ProCheckUp’s application testing methodology can be provided upon request.