Comprehensive Whitebox Penetration Testing

Successful completion of a comprehensive whitebox penetration testing exercise

Issue to

Coreway UG (haftungsbeschränkt)

Validity

Issued

4/30/25

Expires

4/30/26

BAGE ID

4330532d-e930-484c-afab-4ae16ad4bfd5

Download Badge Copy verification link

Earning Criteria

No Critical or High-Level Vulnerabilities
No vulnerabilities were identified with critical or high severity levels, or they have been successfully remediated or mitigated.

No Active or Exploitable Threats
Final validation confirmed the absence of any active or exploitable threats, ensuring the system was secure at the time of testing.

OWASP WSTG Compliance Score > 90%
The system demonstrated strong security hygiene by scoring over 90% against the OWASP Web Security Testing Guide (WSTG), covering key areas such as authentication, access control, and input validation.

Security checks

OWASP WSTG categories

✔️ Information Gathering

✔️ Configuration Testing

✔️ Identity Management Testing

✔️ Authentication Testing

✔️ Authorization Testing

✔️ Session Management Testing

✔️ Input Validation Testing

✔️ Error Handling

✔️ Cryptography

✔️ Business Logic Testing

✔️ Client Side Testing

✔️ API Testing

OWASP MASTG categories

✔️ Storage

✔️ Crypto

✔️ Auth

✔️ Network

✔️ Platform

✔️ Code

✔️ Resilience

* ✔️ status means no critical high vulnerabilities associated with the category.

Methodology

Penetration Testing Execution Standard - an innovative penetration testing methodology being developed by the group of world leading penetration testing, security audit, and social engineering professionals.

OWASP Web Security Testing Guide - a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers all over the world.

OWASP Threat Modelling Process - a structured guide to application threat modeling that enables teams to identify, quantify, and address the security risks associated with an application.

OWASP Mobile Application Security Testing Guide - a comprehensive guide to testing the security of Android and iOS applications. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers all over the world.

About this credential

Sekurno successfully performed a comprehensive white-box penetration test for Coreway's Android and iOS mobile apps, thoroughly assessing both API endpoints and cloud infrastructure. The results highlight Coreway's strong commitment to maintaining a robust security posture and proactively addressing cybersecurity risks.

Comprehensive Whitebox Penetration Testing

Coreway UG (haftungsbeschränkt)

Earning Criteria

Security checks

Methodology

About this credential

Security Services

Compliance Services

Resources

Contact

Specialized Pentesting

Compliance Checklists

Company

Offices

Security and Compliance Checklists for Regulated Industries

Comprehensive Whitebox Penetration Testing

Coreway UG (haftungsbeschränkt)

About this credential