Your Basket
Cyber security for any size of business
CREST member company
Team of friendly certified experts

Mobile Application Penetration Testing

Mobile Application Penetration Testing

Your mobile applications are an extension of your business in the hands of your clients. Mobile Application Penetration Testing is all about testing those apps. Making sure that your mobile applications are well secured and conform to all of the current data protection legislation is paramount. It is equally important to make sure that the endpoints your mobile applications talk to are well secured, so attackers are not able to access sensitive data from them.

Our mobile application testing package will test one android or apple mobile application from three perspectives. We will test the static application and look for code weaknesses. We will test the application in a dynamic form, as a user would use it and look for business logic and procedural security weaknesses. Finally we will test the endpoints that the mobile application communicates with to ensure that it is fully secured.

Please see the conditions section below for more information on what is included.

Why is it important
Our Mobile Application Penetration Test identifies vulnerabilities and security weaknesses that are present within your mobile application and the systems that they communicate with. Weaknesses and vulnerabilities often originate from poor coding practices, hardware interactions, ineffective system configuration parameters and weak security system controls. 

Our mobile application penetration testing service will help you: 

  • Gain real-world insight into your vulnerabilities; 
  • Identify any missing patches; 
  • Identify weak configurations;
  • Harden software and systems;
  • Identify where inappropriate services that increase your exposure

What the test entails
We will perform a complete infrastructure level penetration testing following the OSSTMM (Open Source Security Testing Methodology Manual) and PTES (Penetration Testing Execution Standard) methodologies. These methodologies ensure we identify any weaknesses that could allow an attacker to compromise the network, the data stored within it, or the devices hosted.

One of our CREST-certified testers will perform your penetration test. The test will:

  • Conduct a series of automated vulnerability scans
  • Carry out a range of manual tests using a methodology closely aligned with the OSSTM and PTES methodologies
  • Provide immediate notification of any critical vulnerabilities to help you act quickly
  • Produce a detailed report that identifies and explains the vulnerabilities prioritized by the risk posed to your business, not based on CVSS scores; 
  • Identify a list of recommended countermeasures to address any identified vulnerabilities;
  • Include an executive summary that explains what the risks mean in business terms. 

Our Mobile Application Penetration Test is priced for the assessment of a single android or apple based mobile application.

All testing is performed from our offices and will require you to supply the application code. We are unable to download the code and test using the versions from the app stores.

COVID-19: remote delivery options
Despite the current COVID-19 situation, we remain fully operational and at your disposal. Hedgehog fully embraces flexible and remote working. We adjust our delivery methods to provide consultancy services, penetration tests, and training remotely where necessary. Hedgehog fully embraces flexible and remote working. We adjust our delivery methods to provide consultancy services, penetration tests, and training remotely where necessary.

Why choose Hedgehog
We only use experienced penetration testers to carried out client penetration tests. Our penetration testers have the necessary technical skillset, qualifications, and industry experience. They have the strong technical knowledge and proven track record needed to enable a successful penetration test. Our testers can carry out safe exploitation of applications and systems, advising on the appropriate mitigation measures required to ensure that your systems are secure.

Our CREST-certified penetration testing team will provide you with clarity, technical expertise, and peace of mind. Our experienced testers will have reviewed your scoped environment, tested it to the fullest during the time permitted, and will provide you with a detailed report.


Contact Us

Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.