We make your application secure.
Faster, easier, cost-effective.

We do penetration tests. Penetration tests are the easiest way to test the security of IT systems.

We test web applications, mobile apps, client/server applications and much more.

We have been successfully doing security analysis for over 10 years.

We have made penetration testing and the entire process radically easier.

Efficient processing – fast execution – low costs.

Machines will never do the testing, with us it’s always the qualified expert!
We make no concessions to quality.

CLICK HERE FOR FIXED PRICE OFFER

What do we do?

We do penetration tests. Penetration tests are the easiest way to test the security of IT systems.

What do we test?

We test web applications, mobile apps, client/server applications and much more.

We have been successfully doing security analysis for over 10 years.

What’s new?

We have made penetration testing and the entire process radically easier.

Efficient processing – fast execution – low costs.

How do we test?

Machines will never do the testing, with us it’s always the qualified expert!
We make no concessions to quality.

Our Services

Full Test

Your application will be meticulously and comprehensively tested for all imaginable security issues. The complexity of the test will be custom tailored to the needs of the application. This way you will receive the maximum results for minimal costs.

Request your offer!

Quick Test

The quick test offers an indication for assessment of your applications security level, for a set price. This is the best option when an existing application has to comply with security requirements for the first time.

Request your offer!

Custom Requirements?

You’ve come to the right place. We cover the entire spectrum of application security! Trainings, consultations, source code analysis, project support and much more.

Request your offer!

What makes us so special?

The experience of 15 years and thousands of tested apps.
We are the penetration testing team of mgm security partners!

Knowledge

The capabilities of our experts are based on deep, profound knowledge.
The wealth of experience accumulated in our knowledge pool and the exceptional expertise of our testers offer the highest level of reliability when it comes to finding vulnerabilities.

Our seminar program reflects our competency. This is where we pass our knowledge to technical oriented IT staff and software developers

Efficiency

We are committed to perfecting the art of pen testing. Obviously from the technical side – but also when it comes to the organisational aspects. The friction-free, efficient processing is an essential factor for quality.

One of the pillars of our efficiency is our highly capable reporting tool, which we developed ourselves.

Experience

We’ve been in business for 15 years. And we know what we are doing. You can rely on us for the security of your applications.

We are both software developers and security enthusiasts, and it’s effortless for us to recommend countermeasures that developers can apply with ease.

Using tools to do pen tests of web applications might only be a click of a button, but by doing so you accept significant losses to the security.

Machines will never do the testing, with us it’s always the expert!

They make use of a toolbox with a variety of tools that unfold their maximum performance and efficiency under their control.

What do we test?

Web Applications

It does not matter if it’s a single page application with comprehensive Javascript code in the browser or a powerful E-commerce solution with complex business logic in the server application, we analyse all types of web applications thoroughly for their security.

Web Services

Server applications that use standard interfaces (usually based on JSON or XML) and which are used regularly by more than one client application have a set of potential security problems on their own. These are examined in addition to those vulnerabilities inherent to server applications.

Rich Clients

Applications that communicate with a server application through the HTTP-protocol, and that do not run in a browser or as an app on a mobile phone, are called Rich Clients. In these cases, we apply custom testing techniques that are tailor-made for the software technology at hand, with assistance of specialized tools.

And much more ...

For Example: Mobile Apps, Docker Environments, …

We test everywhere!

Over The Internet

Is your application hosted on your own or third-party web server? Then it is most likely accessible over the internet and can be easily made accessible for us.

At Your Premises

Is your application located in your internal network?

Our experts can also come to your premises, but setting up a secure, remote access is the lower-cost alternative, and we will gladly assist you in this.

In The Cloud

The risks of an unsecure web application differ for each cloud hosting service. And every hosting service has their own rules for penetration testing. We’ll take care of these matters for you, regardless whether it’s AWS, Azure or any cloud hosting service.

mgm Security Alerts

News from the world of web application security.

Several Spring Vulnerabilities

Pivotal has published several severe vulnerabilities related to Spring components. Your project may be affected if one of the following components is used: Spring Integration, Spring Web Services, Spring Batch.

SAP Hybris Commerce

A Cross-Site-Scripting vulnerability in SAP Hybris Commerce was announced and patches were provided.

Kubernetes

This vulnerability opens the possibility to create a connection through the Kubernetes API server to a backend server. This connection can be used to send arbitrary requests to the backend server.

Read more in our Security Alert section.