I uncover as many vulnerabilities as possible in an application with automated and manual penetration testing techniques. I follow the OWASP Web Security Testing Guide to ensure a thorough and repeatable assessment.
I review the code of an application to uncover vulnerabilities and design flaws that automated scanners typically won't find. A secure code review is often combined with a vulnerability assessment to form an efficient White-box assessment.
I work closely with your company's development team to identify threats against systems through a systematic analysis involving data flow diagrams, attack trees, methodologies, and even games.
I teach your company's development team to recognize and rectify common web application flaws and vulnerabilities with code examples and an interactive Capture The Flag session where the team identify, and exploit vulnerabilities in an intentionally insecure web application.
I charge based on a daily rate between €800—€1000 depending on the task and timeline. I prefer to work remote when the task allows for it.