Scheduling APIs SaaS Provider
Technology firm providing scheduling APIs via its Rails-based SaaS platform.
The client requires bi-annual penetration testing of their service.
4ARMED provided a specialist application security tester with domain expertise in API-driven platforms. Application security test-cases were built out from Postman collections to fully explore the API functionality.
Rails provided significant security out of the box and code quality was found to be high but a number of novel edge-case issues were identified that our client was pleased to be able to address.
Further follow-up work has since been conducted including vulnerability scanning, wider consultancy and a review of their Kubernetes-based infrastructure on AWS.
Great communication and overall professionalism. Found several things that previous penetration tests by other companies did not uncover.
Could your business benefit from an engagement like this? Want to discuss your requirements further? Give us a call or complete the contact form below to tell us about your requirements and we will work with you to find the best solution for you.