The goal of the penetration tests is to continuously evaluate the security level of the platform. As our platform evolves, an external company conducts regular controls, including:
All results will be documented in a final written report.
Automated non-invasive scans of the platform are performed using analysis software and all access and testings are logged. Scans are run using common software tools.
Common attack patterns and vulnerabilities, including the Top 10 Application Security Risks of the Open Web Application Security Project, are being tested by non-invasive scanning methods.
In addition to the vulnerabilities found, the external company's security experts evaluate possible attack scenarios and provide noninvasive tests that allow us to assess the risks presented.
During reporting, the weak points and concepts created are evaluated, classified and recommendations derived. These are prioritized by us and appropriate measures taken.
Carried out in calendar week 21
Carried out in calendar week 36
Carried out in calendar week 26
autocomplete="off"attribute has been added to the login pages.