Amplia Security offers a wide range of information security professional services, including:

  • arrowNetwork Penetration Testing
  • arrowWeb Application Penetration Testing
  • arrowWeb Services Penetration Testing
  • arrowAndroid/iOS Apps Penetration Testing
  • arrowAndroid/iOS Apps Source Code Review
  • arrowAndroid/iOS Apps Reverse Engineering
  • arrowSoftware Penetration Testing
  • arrowClient-Side Penetration Testing
  • arrowWireless Penetration Testing
  • arrowAppliance Penetration Testing
  • arrowSoftware Security Assessments
  • arrowSource Code Reviews
  • arrowCopy Protection / Licensing scheme
  • arrowDRM security assessments

Penetration Testing is a method used to evaluate the security of a network, web application, web service, and any other software system or device by simulating an attack in a controlled manner. The analysis is performed using different attacker profiles with little or no information about the systems under review.

Amplia Security Penetration Testing Methodology is the result of over 14 years of experience. We focus on manual testing of the systems which allows for the detection of logic flaws and complex vulnerabilities with the help of automated tools to obtain the best results in a time efficient manner.

Our methodology includes the following phases:

  • arrowInformation gathering
  • arrowVulnerability assessment
  • arrowInformation Analysis
  • arrowExploitation
  • arrowContinuous Reporting

Our methodology is aimed at finding known and also previously unknown vulnerabilities using different techniques including reverse engineering, instrumentation, manual fault injection, automated fuzzing and the creation of custom tools / Proof-of-concept code.

The deliverables for a Penetration Test include:

  • arrowFinal Report containing an Executive Summary, Conclusions and General Recommendations, and a very detailed technical description of each of the issues found and possible solutions/workarounds (including proof-of-concept code when possible).

Penetration Testing is the best option to evaluate the security of a system using a reduced amount of time.

Source Code Reviews and security assessments in general consist in a more detailed and thorough examination of the security of a system and as a result take longer to perform.

Amplia Security Source Code Review methodology includes the following tasks:

  • arrowManual inspection of the code
  • arrowUse of automated tools to identify common implementation errors and ‘suspicious’ code
  • arrowVerification of issues found by testing against the application / system when available
  • arrowReview of the application as a whole looking for logic flaws and other vulnerabilities

For more information or if you have special requirements please contact us at