Web App Pentest
Web applications are often hacker’s favorite target, and you can understand why. It only takes one small programming mistake to put a company in the news. That is why it is imperative that security be taken more seriously when it comes to applications exposed to the web. Lovik Security partners with its clients to provide a comprehensive look at your application from an attacker’s perspective. We comb over each application with a fine-tooth comb and at the end present our findings in a clear and concise report.
White Box
When it comes to testing your web application you decide how we attack it. With a white box test, Lovik Security is typically afforded credentials to the application as well as documentation and diagrams. With this head start, Lovik Security can focus on the deep inner workings of the app post-login.
Grey Box
Given general information such as diagrams and flow charts sets a grey box test apart from the other test types. In this scenario our engineers are able to hit the ground running with less recon time. This typically allows us get deeper into the application vs black box however does not provide credentialed access as is accustom in a white box test. By skating the line between these two types our clients get a happy medium between depth and realism.
Black Box
A black box pentest is the most realistic testing scenario we offer. In a Black box test, Lovik Security engineers are not given any insight into an app prior to the engagement. This provides our clients with a true look at what an attacker could see and do after first stumbling on your app. Typically that means more recon will be required with this kind of test, which can often times produce valuable findings.