The pentest results are as good as the security researchers who perform the pentest. Only highly educated, certified and experienced researchers work at Web Security Scan. In security assessments we focus on manual testing methods. Our researchers analyze the behavior and structure of a web application and underlying systems, which is translated into a customized and effective pentest. This way you are assured of the most complete research results.
Many other security service providers merely use fully automatic security tools (so-called point-and-shoot tools), which make crucial assumptions about the web application. This could result in functionalities being scanned incorrectly or not at all. It often happens that findings from security tools are not placed in the correct context by the researchers or are not correctly related to other findings that have been made. At Web Security Scan we place extra emphasis on this and we assess every finding in the context of the test object.
Our expertise in both web security and web development enables our researchers to analyze security by its source code, and makes us aware of where programmers (can) make security errors during development. Unlike other service providers, our researchers can execute a pentest using the source code to detect vulnerabilities, without any additional costs for the client.