Question 1

How long does a penetration test take?

Accepted Answer

Our pentests are scoped as once-off engagements. A standard web application pentest typically takes 5-10 business days depending on the scope and complexity of the application. Infrastructure tests vary based on the number of IP addresses and network segments. We provide a detailed timeline during the scoping phase.

Question 2

Will penetration testing break our production systems?

Accepted Answer

We take every precaution to avoid disruption to your production environment. Our testers follow a carefully controlled methodology, and we agree on testing boundaries beforehand. For sensitive environments, we can test against staging or pre-production systems first.

Question 3

What certifications do your penetration testers hold?

Accepted Answer

Our penetration testing work is backed by practical training including PWPP, PWPA, Web Application Security & Testing, Mobile Application Penetration Testing, Practical Ethical Hacking, and Practical Malware Analysis & Triage through TCM Security.

Question 4

Do you provide remediation support after the test?

Accepted Answer

Yes. Every engagement includes a detailed report with prioritised remediation guidance. Higher-scope assessments include dedicated remediation support calls where our testers walk your development team through each finding and recommended fix.

Question 5

How is AI/LLM penetration testing different from traditional pentesting?

Accepted Answer

AI pentesting focuses on unique attack vectors like prompt injection, jailbreaking, data leakage through model outputs, and adversarial inputs. It requires specialised knowledge of machine learning systems and the OWASP Top 10 for LLM Applications.

Features	Single Platform	Cross-Platform
OWASP Mobile Top 10
About OWASP Mobile Top 10 "Testing against mobile-specific vulnerabilities"
API Backend Testing
About API Backend Testing "Security testing of the mobile app backend APIs"
Certificate Pinning Bypass
About Certificate Pinning Bypass "Testing SSL pinning implementation and bypass techniques"
Retests	1	2 per Platform
About Retests "Verification testing after remediation"
Runtime Manipulation
About Runtime Manipulation "Dynamic analysis and runtime hooking"

Mobile App Security Testing

Assessment Scope

Single Platform

Cross-Platform

What's Included

Frequently Asked Questions

Secure Your Mobile Applications