The Big Application Security Penetration Testing FAQ for Clients
Have you ever wondered what a pentest is exactly, how such a test works or what is needed for it?
Unfortunately, many of these questions cannot be answered quickly in 1-2 sentences.
“Where can I find all the information I need to do this?” you may ask. Very simple: Here! The Big Application Security Penetration Test FAQ For Clients.
We have compiled a collection of questions from all our years of experience. It contains everything you should know before, during and after commissioning an Application Security Penetration Test. Here you will find questions such as: “What is this, a vulnerability?”, “Do you find all vulnerabilities with a pentest?” or “How often should a pentest take place?”
Our FAQ is of course regularly updated and extended.
Do you have more questions or want to order a pentest? Contact us now!
#1 – New Can I Trust Test Case – Browser returns secret out of pre-cached response in a CORS-Request
Update: Our WordPress Author Security Plugin is now available in the WordPress Plugin Store.
How can you actively prevent usernames from being enumerated on WordPress author pages?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: Questions #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
CSRF Countermeasures #2: Another way to protect against CSRF – stateless – is the Double Submit Cookie method.