wave-1 wave-2

Security Testing

We test applications and systems for security.
Security Testing

Security Testing

Whether you're concerned about the security of a single application or a diverse system, our security experts work with you to develop a personalized plan to meet your application needs.
  • price of the application
  • Improved security
  • Continuous DevOps security programs and training
  • solutions tailored to your goals and budget
S Security Testing

Service catalog


Risk assessment

  • App Architecture Overview
  • Program Code Overview
  • Database audit
  • Testing mobile apps
  • WIFI infrastructure assessment and false access points search
  • Firewall security rules audit
  • Automated scans of infrastructure and application modules
  • SCADA Process Control Audit
  • Assessment of the security level of IoT solutions, autonomous machines
  • Verification of external suppliers
  • Cloud Services

Verification of compliance with standards

  • ISO/IEC 27000- 27999 (Information Security Standards)
  • PCI DSS (Payment Card Industry Data Security Standard)
  • GDPR: General Data Protection Regulation (GDPR)
  • Secure software Manufacturing (SDLC) process audit
  • SOC reports

Protection of property and privacy

  • Social engineering
  • Access control audit
  • CCTV control
  • Detection and analysis of Trojan and Malware attacks
  • Building user awareness


  • Evaluation of safety procedures
  • Incident reporting mechanisms
  • Creating restore and backup procedures
E Automation of safety scans

An example
of the steps and areas to be tested

Risk assessment

Risk assessment

Security auditing

Security auditing

Penetration testing

Penetration testing

Posture assessment

Posture assessment

Security scanning

Security scanning

Vulnerability scanning

Vulnerability scanning

An example download


Examples of areas being subject
of WEB application tests


Gathering information

  • Socio-technical techniques
  • Server Detection
  • Identification of entry points
  • Application architecture mapping

Configuration and installation management

  • Configuration of network infrastructure
  • Search for administrative access
  • Protection of sensitive files
  • HTTP methods
  • HTTP Strictly Transport Security
  • RIA cross domain policy

Identity management

  • Defining roles
  • Registration process
  • Account management policy

Authentication process

  • Data Channel Test
  • Password management mechanism
  • Bypass authentication
  • Cache risk
  • Alternate authentication channels

Authorization process

  • Directory/path traversal
  • Avoiding the authorization mechanism
  • Permission escalation

User session management

  • Avoiding the session mechanism
  • Cookie attributes
  • Exposure of classified data
  • Logout functionality
  • Session cancellation

Input validation techniques

  • Manipulation of HTTP commands
  • Change of parameters
  • “Injection” attacks

Error handling


Weak cryptographic mechanisms


Vulnerabilities of the code on the customer side

Collaborative models

Customer teams

A service dedicated to customers with project teams. We provide quick support with missing competences.

Teams at B2Bnetwork

We can use our hardware and software. We implement a system that allows you a continuous monitoring

Billing models

Fixed - Price

Specific scope of the project, requirements, lead time and price.


The project budget depends on the work needed to be done.

Time&Material with a limit

We determine the scope of work with a budget limit and lead time.

See if we can help you with software tests.

Make an appointment for a short, several-minute conversation, during which we will jointly check whether cooperation with us will bring changes for your project.

Do you have any questions?

Contact us!

Artur Twardowski Business Development Manager +48 795 022 922