We have experience auditing virtually any type of platform and codebase, working with vendors, enterprises and startups. Combining various techniques and tools, we discover design flaws and implementation vulnerabilities deep within code. We understand complex systems and have extensive defense expertise, which allows us to provide actionable real-life solutions to mitigate vulnerabilities and reduce the exposure. We are also industry leaders in the areas of GraphQL and Electron security, publishing open source tools such as InQL, electronegativity and our premium Electron security tool ElectroNG.
Our methodology combines source code review with dynamic testing to deliver effective and efficient security auditing. We strongly encourage our clients to provide source code during security testing activities, however we are nevertheless comfortable with traditional black-box testing.