What we test

Unlike vulnerability scanning, or automated security assessments, penetration testing is a manual exercise, simulating the techniques of a potential attacker.

Specific areas of application testing require discrete skill sets, and we’re experts at testing:

  • Web applications
  • Mobile applications
  • Web Services (APIs)
  • SAP
  • Thick client applications
  • Compiled binary applications

From common vulnerabilities to complex application logic, we test the protections, monitoring, and responses of your websites and applications – including:

  • Application logic: abuse of functionality and logical flaws
  • Authentication attacks: brute force, password validation and user enumeration
  • Authorisation: insufficient credential and session controls
  • Client-side attacks: XSS, content spoofing and HTTP splitting
  • Command execution: injection attacks and buffer overflow flaws
  • Upload functions: insufficient or ineffective input/output validation

Methodology: Web Application Assessment

Aligned with the Open Web Application Security Project (OWASP).

Download Methodology

Why Secarma

We love what we do, and we’re passionate about cybersecurity.

We continuously invest in research, technology, our people, and the depth of security services we offer.

Every company we partner with gets the full Secarma experience, where we get to know your fears, your challenges, and your business goals. Our accredited consultants then deliver a truly bespoke experience to ensure your ongoing peace of mind.

It’s through our decades of training and experience, that we’re able to help protect your business.

  • Experience An ISO 27001/ISO 9001 accredited company, we’ve provided best-in-class security services to clients since 2001.

  • Value We treat all clients as partners, and you’ll have access to our consultancy team after your report has been delivered.

  • Coverage Regional offices across the UK, plus experienced consultants operating across mainland Europe, Asia and America.

  • Education We help embed a culture of security, and teach developers how to think like hackers.


Find out how we can transform your cyber defence and fortify your networks

Get in touch
Secarma Accreditations Crest Accredited IT Health Check Service ISO 9001 IS0 27001 Cyber Essentials Accreditation