Web/API Penetration Test Blog by turingpoint

Blog posts about Web/API Penetration Test from our team.
What is NIST's Cybersecurity Framework?
What is NIST's Cybersecurity Framework?
New

A powerful tool, the Cybersecurity Framework helps NIST organize and improve your cybersecurity at the same time.

More
Pinning of Certificates and Public Keys
Pinning of Certificates and Public Keys

Public key pinning allows you to specify your public key set for a future SSL/TLS connection to your host.

More
WordPress Security - Securing Websites with Hardening Plugin and Co.
WordPress Security - Securing Websites with Hardening Plugin and Co.

There are numerous ways with which you can increase WordPress security.

More
Penetration Testing for modern SaaS Solutions
Penetration Testing for modern SaaS Solutions

With SaaS software, users view their sensitive data directly in the browser, which makes regular penetration testing necessary.

More
Pentest: Which Components should be Considered First?
Pentest: Which Components should be Considered First?

For most applications, it makes sense to check the API interface first. Vulnerabilities of severity critical can arise here.

More
Does a Pentest have to be Done only Once?
Does a Pentest have to be Done only Once?

Companies often think that a single pentest before rolling out a system is sufficient. Why this assumption is a mistake?

More
What is an Ethical Hacker?
What is an Ethical Hacker?

Hackers have a bad reputation. They penetrate security systems, steal data and cause financial damage. But is that true?

More