Our client came to us with the goal of identifying and fixing security vulnerabilties in their new client app prior to launch. Given the sensitive policy information and regulatory requirements of their industry it was a crucial matter of both due diligence and client trust for them to thoroughly validate the security of their app prior to launch.
The Nagarro team reviewed the development specs and had an initial scoping workshop. It was important to us to include the client’s development team in the discussion to understand their process, concerns and goals. Nagarro used a team of 3 testers working concurrently to carry out both penetration testing and code review of Android and iOS versions of the app. This also included testing of the related Internet-facing systems and REST API.
We communicated clearly, early and often with the client’s dev team to give them a headstart on addressing the most serious vulnerabilites while testing was ongoing. In the end, the combination of professional project management and highly skilled penetration testers from Nagarro left our client with a peace of mind that could only come from knowing critical security vulnerabilities in their app had been fixed and they had taken the right steps to protect their most valuable asset, their customers’ trust.