Application Security Assessment & Penetration Testing


Application security is frequently overlooked during security planning. Developers are under pressure to bring custom applications online quickly and security can suffer in the process. Many of these applications store sensitive data that needs to be protected even when sharing information across extranets and over the Internet. Unfortunately, the market for stolen personal information, credit card numbers, Social Security numbers, and passwords is flourishing and Internet criminals harvest information from insecure applications that haven't been tested sufficiently.

In addition, applications are often subject to government and industry compliance mandates: New York now requires documented proof that vendors have mitigated the SANS Top 25 programming errors prior to working with the state. PCI requires a secure development lifecycle, code reviews, penetration tests, and more. Regulations and standards such as HIPAA, FFIEC, GLBA, ITILv3, and ISO 27002 have general security requirements relating to application security.

Our Application Security Assessment and Penetration Testing provides an extensive and objective security analysis of your internally developed or commercial applications that looks for vulnerabilities that can lead to a compromise of sensitive data. Our service, performed by experienced and credentialed professionals, evaluates current security standards and levels of compliance against existing threats. The end result includes an analysis of application-level vulnerabilities and platform or server misconfigurations, as well as detailed recommendations for remediation.


  • Balances time-to-market demands with security best practices
  • Provides documented proof that your applications are secure
  • Identifies application security issues before cyber criminals can take advantage of them
  • Ensures the integrity and security of information assets
  • Increases user confidence that sensitive, business-critical data is protected

For further information on our Application Security and Penetration Testing Assessment service,