What we do

We go beyond finding SQL injection and cross site scripting (XSS) and perform logic testing to find ways that attackers could defraud you. E-commerce websites have been known to allow users to purchase items for less than their advertised price or even credit their accounts.

The Security Bureau tests to the OWASP Top Ten but we go way beyond that. The exploitation of low risk vulnerabilities could be combined to result in the complete compromise of the application.

Our approach to your security test will depend on the information we gather at our project kick-off meeting with you. Typically, your testing will involve looking for exploitable vulnerabilities that would enable us to:

• Access restricted data
• Modify site content
• Change the value of goods and defraud you
• Gain additional system information and user privileges


More articles

The latest from the security bureau

We are now Informer

It’s been a busy start to 2020. Behind the scenes, we’ve been enhancing our SaaS platform, rebuilding our website and rebranding to Informer. Since 2014, The Security Bureau has helped our customers identify vulnerabilities in their systems and applications with our penetration testing services. As the security landscape has changed, we’re now taking a SaaS […]

Why financial services need penetration testing in 2020

It’s that time of year again, where we try to shed the festive pounds and look to the year ahead. 2020 promises to be an interesting time for cybersecurity in financial services. Not least because of Brexit and the US presidential election. Here’s our essential cybersecurity in 2020 lowdown.